Validating email address's in forms ?

[_Chris]

I should imagine others here have experienced it. The user completes your form, and they unintentionally input their email address incorrectly. Then when you reply to their form, you then get the mailer daemon returning your email !

 

Now, there's a couple of ways that some websites try to solve this problem - some ask the user to input their email address twice, some show the forms results on the next page, so that the user has a last chance to check, before completing the submission.

 

Two things - firstly, are there any other ways of trying to ensure that, as much as possible, that the user inputs the correct email address ?

 

Secondly, what have you found works really well for you please ?

 

Any help much appreciated.

 

Chris

 

[POG1]

4 things..

 

 

1. Make them enter their email twice.

2. Show on the page if the email is valid.

3. Do a server side check to see if the email is valid.

4. You could use ajax to show if the email is taken or dHTML to check if the emails match.

[co.ador]

Entering twice would be a way to make the users to check on what he is writing too.

[_Chris]

4 things..

 

 

1. Make them enter their email twice.

2. Show on the page if the email is valid.

3. Do a server side check to see if the email is valid.

4. You could use ajax to show if the email is taken or dHTML to check if the emails match.

Many thanks to you both for that, for this post - I understood No 1, but can you expand a little on the others at all please ?

 

 

[Daniel0]

When people ask me to enter my email twice, I copy it from the first field to the second field. Just saying. I think it's annoying having to repeat myself. I think it's annoying having to repeat myself.

[_Chris]

Very true, in fact, I would imagine quite a few people do that - I've been doing it myself for many years.

 

Any other ideas ?

 

Also, how do these look to you :

 

Make sure there's an @ and it is not at the end or beginning of the email

 

Make sure there's at least one dot and it is not at the end or beginning of the email.

 

Make sure there's one dot after the @ but not right next to it

 

Make sure that there are at least two characters after the last 'dot'

 

Make sure that there's no commas anywhere

 

Make sure that there's only one @ sign

 

Make sure that only the characters 0123456789abcdefghijklmnopqrstuvwxyz@.-_ are used  (should others be allowed, like !£$%*&+?)

 

Any others that could be added ?

[Daniel0]

If you want to validate the format, then use this regular expression:

 

(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(??:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(??:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])

 

http://tools.ietf.org/html/rfc2822#section-3.4.1

[_Chris]

Many thanks Daniel, would that do more than I mentioned above ?

[Daniel0]

Well, yeah, any valid email address matches that pattern.

[_Chris]

Would you (or anyone else), add anything else to that list at all ?  Just wondering if I missed anything ?

 

[Daniel0]

You could check that the domain name actually exists.

[_Chris]

Thanks Daniel - is that easy to do ?  How do you do that please ?

[anupamsaha]

Thanks Daniel - is that easy to do ?  How do you do that please ?

 

Do a MX record validation. Please refer to "getmxrr" function. http://www.php.net/getmxrr

[Daniel0]

Thanks Daniel - is that easy to do ?  How do you do that please ?

 

I suppose you can check the return value of dns_get_record. If it doesn't return any records then the domain name must be invalid.

 

Thanks Daniel - is that easy to do ?  How do you do that please ?

 

Do a MX record validation. Please refer to "getmxrr" function. http://www.php.net/getmxrr

 

No, the existence or non-existence of an MX record doesn't tell you anything about the validity of the domain.

[_Chris]

Thanks Daniel - is that easy to do ?  How do you do that please ?

 

I suppose you can check the return value of dns_get_record. If it doesn't return any records then the domain name must be invalid.

Thanks - is that a foolproof method ?

 

[Daniel0]

No. If the DNS servers are down then you'll get incorrect results.

[_Chris]

Aaaah, ok, maybe there isn't a foolproof way to find out if their domain name actually exists - is there ?

 

 

[tomhoad]

The only foolproof way is to challenge the email - see if you get a reply from 'pinging' it, if you see what I mean.

[_Chris]

Could that be an automated process ?

[Daniel0]

I believe Tom means the traditional "click a link in your email" type of verifications.

[_Chris]

Would be good to do it all from the one click on form page really.

[BobcatM]

edit: Yall are to fast.

[_Chris]

Ok, I promise to go a tad more slowly if I can