Mr_J Posted April 21, 2010 Share Posted April 21, 2010 Hi all, I actually do PHP but found this handy JavaScript to validate the input e-mail address. I have a mail form, it validate the required fields and the form include CAPTCHA but still, the spammers get me by means of either manual spam or using some altering method that pulls the Processor php file. So first I added the code to the "form.php" but then it just display the code on the top of page. Then I include_once('file.js'); and it pops either error or display the code. Then I include_once the file (valid.js) in processor.php but it doesn't validate the wrong mail address which does not exist. This is the code: function validEmail($email) { $isValid = true; $atIndex = strrpos($email, "@"); if (is_bool($atIndex) && !$atIndex) { $isValid = false; } else { $domain = substr($email, $atIndex+1); $local = substr($email, 0, $atIndex); $localLen = strlen($local); $domainLen = strlen($domain); if ($localLen < 1 || $localLen > 64) { // local part length exceeded $isValid = false; } else if ($domainLen < 1 || $domainLen > 255) { // domain part length exceeded $isValid = false; } else if ($local[0] == '.' || $local[$localLen-1] == '.') { // local part starts or ends with '.' $isValid = false; } else if (preg_match('/\\.\\./', $local)) { // local part has two consecutive dots $isValid = false; } else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { // character not valid in domain part $isValid = false; } else if (preg_match('/\\.\\./', $domain)) { // domain part has two consecutive dots $isValid = false; } else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless // local part is quoted if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local))) { $isValid = false; } } if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { // domain not found in DNS $isValid = false; } } return $isValid; } // end of function // FIELD VALIDATION . . . if( validEmail($e_mail) == true ) { // address ok } else { // address bad } This is more for spoofing... Any help please or a direction can help... Regards Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/ Share on other sites More sharing options...
Mr_J Posted April 21, 2010 Author Share Posted April 21, 2010 UPDATE!! How about I just add a field where the user must re-enter the e-mail address and compare the 2 fields?? Hi all, I actually do PHP but found this handy JavaScript to validate the input e-mail address. I have a mail form, it validate the required fields and the form include CAPTCHA but still, the spammers get me by means of either manual spam or using some altering method that pulls the Processor php file. So first I added the code to the "form.php" but then it just display the code on the top of page. Then I include_once('file.js'); and it pops either error or display the code. Then I include_once the file (valid.js) in processor.php but it doesn't validate the wrong mail address which does not exist. This is the code: function validEmail($email) { $isValid = true; $atIndex = strrpos($email, "@"); if (is_bool($atIndex) && !$atIndex) { $isValid = false; } else { $domain = substr($email, $atIndex+1); $local = substr($email, 0, $atIndex); $localLen = strlen($local); $domainLen = strlen($domain); if ($localLen < 1 || $localLen > 64) { // local part length exceeded $isValid = false; } else if ($domainLen < 1 || $domainLen > 255) { // domain part length exceeded $isValid = false; } else if ($local[0] == '.' || $local[$localLen-1] == '.') { // local part starts or ends with '.' $isValid = false; } else if (preg_match('/\\.\\./', $local)) { // local part has two consecutive dots $isValid = false; } else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { // character not valid in domain part $isValid = false; } else if (preg_match('/\\.\\./', $domain)) { // domain part has two consecutive dots $isValid = false; } else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless // local part is quoted if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local))) { $isValid = false; } } if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { // domain not found in DNS $isValid = false; } } return $isValid; } // end of function // FIELD VALIDATION . . . if( validEmail($e_mail) == true ) { // address ok } else { // address bad } This is more for spoofing... Any help please or a direction can help... Regards Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/#findComment-1045818 Share on other sites More sharing options...
Psycho Posted April 21, 2010 Share Posted April 21, 2010 You have way more logic than needed to validate the email format. Here is a function with just three lines of code that does all of what you have in more than a dozen lines: function validEmail(emailStr) { //Return true/false for valid/invalid email formatTest = /^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]*[a-z\d])?(\.[a-z\d]([a-z\d-]*[a-z\d])?)*\.[a-z]{2,6}$/i lengthTest = /^(.{1,64})@(.{4,255})$/ return (formatTest.test(emailStr) && lengthTest.test(emailStr)); } That function will validate that the email meets the following criteria: The username: [*]Can contain the following characters: Uppercase and lowercase English letters (a-z, A-Z) Digits 0 to 9 Characters: _ ! # $ % & ' * + - / = ? ^ ` { | } ~ [*]May contain '.' (periods), but cannot begin or end with a period and they may not appear in succession (i.e. 2 or more in a row) [*]Must be between 1 and 64 characters The domain name: [*]Can contain the following characters: 'a-z', 'A-Z', '0-9', and '-' (hyphen). [*]There may be subdomains, separated by a period (.), but the combined domain may not begin with a period and they not appear in succession (i.e. 2 or more in a row) [*]Hostname parts may not begin or end with a hyphen [*]The 'combined' domain name must be followed by a period and the TLD (top level domain). The TLD (Top Level Domain): [*]Can contain the following characters: 'a-z', and 'A-Z'. [*]The TLD must consist of 2-6 alpha characters in either upper or lower case. (6 characters are needed to support .museum). Note: the domain and tld parts must be between 4 and 256 characters total Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/#findComment-1045892 Share on other sites More sharing options...
Psycho Posted April 21, 2010 Share Posted April 21, 2010 Wait, I posted my JavaScript validation (because this is the JS forum), but I see you are doing the validation in PHP. So, not sure what you are really wanting, but here is the same funciton in a PHP version: function is_email($email) { $formatTest = '/^[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*@[a-z\d]([a-z\d-]*[a-z\d])?(\.[a-z\d]([a-z\d-]*[a-z\d])?)*\.[a-z]{2,6}$/i'; $lengthTest = '/^(.{1,64})@(.{4,255})$/'; return (preg_match($formatTest, $email) && preg_match($lengthTest, $email)); } Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/#findComment-1045898 Share on other sites More sharing options...
Ken2k7 Posted April 21, 2010 Share Posted April 21, 2010 Wow, if you're going to be that precise, you may as well include certain special chars like \x01. Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/#findComment-1045910 Share on other sites More sharing options...
Psycho Posted April 21, 2010 Share Posted April 21, 2010 Wow, if you're going to be that precise, you may as well include certain special chars like \x01. No. Those are the parameters that "most" email servers would allow. Technically, I think any character is allowed in the username portion of the email address - even a space. But, many/most email servers are not configured to support it. Yes, it is an elaborate validation, but many other validation scripts create false positives (flagging email addresses as invalid when they are valid). The perfect example is the plus sign. That is a perfectly legitimate character for the username, however many validation scripts do not allow it. That is unfortunate since gmail has a fantastic feature the utilizes that character. Example: if I have the gmail address of username@gmail.com, then I can also use username+freaks@gmail.com and it will still go to the same mailbox. Basically you can add any characters after the plus sign up to a certain number. This is a great feature because you can set up a different email address when you sign up on different sites. You can then use it to categorize yur email and identify what sites are reselling your email address. Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/#findComment-1045930 Share on other sites More sharing options...
Mr_J Posted April 22, 2010 Author Share Posted April 22, 2010 WOW!! Well, I'm no guru and have a spam problem and I just get pissed off. If I get 1 more "VIAGRA" e-mail I'm going stiff Thanx for the help Quote Link to comment https://forums.phpfreaks.com/topic/199251-validate-mail-dns-lookup/#findComment-1046265 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.