Jump to content

Recommended Posts

Hi all,

I actually do PHP but found this handy JavaScript to validate the input e-mail address.

I have a mail form, it validate the required fields and the form include CAPTCHA but still, the spammers get me by means of either manual spam or using some altering method that pulls the Processor php file. So first I added the code to the "form.php" but then it just display the code on the top of page. Then I include_once('file.js');  and it pops  either error or display the code. Then I include_once the file (valid.js) in processor.php but it doesn't validate the wrong mail address which does not exist. This is the code:

function validEmail($email) {
$isValid = true;
$atIndex = strrpos($email, "@");
if (is_bool($atIndex) && !$atIndex) {
$isValid = false;
} else {
$domain = substr($email, $atIndex+1);
$local = substr($email, 0, $atIndex);
$localLen = strlen($local);
$domainLen = strlen($domain);
if ($localLen < 1 || $localLen > 64) { // local part length exceeded
$isValid = false;
} else if ($domainLen < 1 || $domainLen > 255) { // domain part length exceeded
$isValid = false;
} else if ($local[0] == '.' || $local[$localLen-1] == '.') { // local part starts or ends with '.'
$isValid = false;
} else if (preg_match('/\\.\\./', $local)) { // local part has two consecutive dots
$isValid = false;
} else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { // character not valid in domain part
$isValid = false;
} else if (preg_match('/\\.\\./', $domain)) { // domain part has two consecutive dots
$isValid = false;
} else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless
// local part is quoted
if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local)))
{

  

  

  

  

$isValid = false;

  

  

  

}

  

  

}

  

  

if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { // domain not found in DNS

  

  

  

$isValid = false;

  

  

}

  

}

  

return $isValid;
} // end of function

// FIELD VALIDATION . . . 
if( validEmail($e_mail) == true ) { 
     // address ok
} else {
     // address bad
}

This is more for spoofing...

Any help please or a direction can help...

Regards

Link to comment
https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/
Share on other sites

UPDATE!!

How about I just add a field where the user must re-enter the e-mail address and compare the 2 fields??

 

 

Hi all,

I actually do PHP but found this handy JavaScript to validate the input e-mail address.

I have a mail form, it validate the required fields and the form include CAPTCHA but still, the spammers get me by means of either manual spam or using some altering method that pulls the Processor php file. So first I added the code to the "form.php" but then it just display the code on the top of page. Then I include_once('file.js');  and it pops  either error or display the code. Then I include_once the file (valid.js) in processor.php but it doesn't validate the wrong mail address which does not exist. This is the code:

function validEmail($email) {
$isValid = true;
$atIndex = strrpos($email, "@");
if (is_bool($atIndex) && !$atIndex) {
$isValid = false;
} else {
$domain = substr($email, $atIndex+1);
$local = substr($email, 0, $atIndex);
$localLen = strlen($local);
$domainLen = strlen($domain);
if ($localLen < 1 || $localLen > 64) { // local part length exceeded
$isValid = false;
} else if ($domainLen < 1 || $domainLen > 255) { // domain part length exceeded
$isValid = false;
} else if ($local[0] == '.' || $local[$localLen-1] == '.') { // local part starts or ends with '.'
$isValid = false;
} else if (preg_match('/\\.\\./', $local)) { // local part has two consecutive dots
$isValid = false;
} else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { // character not valid in domain part
$isValid = false;
} else if (preg_match('/\\.\\./', $domain)) { // domain part has two consecutive dots
$isValid = false;
} else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless
// local part is quoted
if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local)))
{

  

  

  

  

$isValid = false;

  

  

  

}

  

  

}

  

  

if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { // domain not found in DNS

  

  

  

$isValid = false;

  

  

}

  

}

  

return $isValid;
} // end of function

// FIELD VALIDATION . . . 
if( validEmail($e_mail) == true ) { 
     // address ok
} else {
     // address bad
}

This is more for spoofing...

Any help please or a direction can help...

Regards

You have way more logic than needed to validate the email format. Here is a function with just three lines of code that does all of what you have in more than a dozen lines:

function validEmail(emailStr)
{
    //Return true/false for valid/invalid email
    formatTest = /^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]*[a-z\d])?(\.[a-z\d]([a-z\d-]*[a-z\d])?)*\.[a-z]{2,6}$/i
    lengthTest = /^(.{1,64})@(.{4,255})$/
    return (formatTest.test(emailStr) && lengthTest.test(emailStr));
}

 

That function will validate that the email meets the following criteria:

 

The username:

[*]Can contain the following characters:

  • Uppercase and lowercase English letters (a-z, A-Z)
  • Digits 0 to 9
  • Characters: _ ! # $ % & ' * + - / = ? ^ ` { | } ~

[*]May contain '.' (periods), but cannot begin or end with a period and they may not appear in succession (i.e. 2 or more in a row)

[*]Must be between 1 and 64 characters

The domain name:

[*]Can contain the following characters: 'a-z', 'A-Z', '0-9', and '-' (hyphen).

[*]There may be subdomains, separated by a period (.), but the combined domain may not begin with a period and they not appear in succession (i.e. 2 or more in a row)

[*]Hostname parts may not begin or end with a hyphen

[*]The 'combined' domain name must be followed by a period and the TLD (top level domain).

The TLD (Top Level Domain):

[*]Can contain the following characters: 'a-z', and 'A-Z'.

[*]The TLD must consist of 2-6 alpha characters in either upper or lower case. (6 characters are needed to support .museum).

Note: the domain and tld parts must be between 4 and 256 characters total

 

Wait, I posted my JavaScript validation (because this is the JS forum), but I see you are doing the validation in PHP. So, not sure what you are really wanting, but here is the same funciton in a PHP version:

 

function is_email($email) {
    $formatTest = '/^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]*[a-z\d])?(\.[a-z\d]([a-z\d-]*[a-z\d])?)*\.[a-z]{2,6}$/i';
    $lengthTest = '/^(.{1,64})@(.{4,255})$/';
    return (preg_match($formatTest, $email) && preg_match($lengthTest, $email));
}   

Wow, if you're going to be that precise, you may as well include certain special chars like \x01. :P

 

No. Those are the parameters that "most" email servers would allow. Technically, I think any character is allowed in the username portion of the email address - even a space. But, many/most email servers are not configured to support it.

 

Yes, it is an elaborate validation, but many other validation scripts create false positives (flagging email addresses as invalid when they are valid). The perfect example is the plus sign. That is a perfectly legitimate character for the username, however many validation scripts do not allow it. That is unfortunate since gmail has a fantastic feature the utilizes that character.

 

Example: if I have the gmail address of username@gmail.com, then I can also use username+freaks@gmail.com and it will still go to the same mailbox. Basically you can add any characters after the plus sign up to a certain number. This is a great feature because you can set up a different email address when you sign up on different sites. You can then use it to categorize yur email and identify what sites are reselling your email address.

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.