How to add email validation to existing code?

[forgottenglory]

I have a mailing list script that I have been using for some years now. I got it from the web and thought that it validated the email until I started receiving all sort of garbage through the mailing list which were not valid email addresses. Can somebody please tell me how to amend the code in such a way that it prevents people from sending invalid emails.  Please note that I am not fluent in php so would really appreciate precise answers.  Thanks.

 

<?php
if(isset($_REQUEST['add_email'])){//if the form has been submitted, then process the e-mail address.
    if(isset($_REQUEST['email'])){//check that an email address has been entered.
        $email= $_REQUEST['email'];//assign the email address to the $email variable.
    }else{
        $email= NULL; // if there is no email address then make the $email variable blank/ NULL.
    }
    function email($to, $from, $subject, $message){//A little function to properly format the email (should work without) 
        $lb="\r\n";
        $header = "From: ".$from;
        $header.= $lb;
        $header.='MIME-Version: 1.0';
        $header.='Content-type: text/html; charset=iso-8859-1';
        mail($to, $subject, $message, $header);
    }
    $to= 'info@yourhost.com';//Email address to send details to.
    $subject= 'Mailing list submission';
    $message_client='You have signed up to the mailing list to receive updates';
    $message_admin="The following email address has signed up to the mailing list: $email ";
    
    if($email){//if there is an email address
        $email_admin= email($to, $email, $subject, $message_admin);//send the email to the site admin.
        $email_client= email($email, $to, $subject, $message_client);//Send a confirmation to the client.
                    
        if(!$email_admin){//if the email has been sent, display a message.
            echo '<P class="quotesMain">Thank you, your e-mail has been sent. You will receive a confirmation message via the e-mail you address provided.</P>';
        }else{
            echo '<P class="quotesMain">There seems to have been a system error, please go back and try again. Sorry for any inconvenience caused.</P>';
        }
    }else{
        echo '<P class="quotesMain">There has been a problem, please click back and try again. Sorry for any inconvenience caused.</P>';
    }
}else{//If the form has not been submitted, display a message.
    echo '<P class="quotesMain">Enter your email address to receive updates.
             Your information will not be shared with third parties.</P>';
}
?>
                    <!--end of PHP code for the mailing list form -->
                    <!-- Display the form -->
                    <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post" class="quotesMain">
                      <INPUT name="email" type="text" class="form" value="<?php echo $_REQUEST['email'];?>" />
                      <INPUT name="add_email" type="submit" class="formbutton" value="submit" />
                    </form>

[dani0999]

you can not validate the whole email address, but the domain only.

 

try this:

if(!eregi('^[a-zA-Z0-9_\-\.]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$', $email))
{
	echo 'that is an invalid format of email address.';
	exit;
}
   else
{
	echo' valid email address';
}

 

regards

 

dan

[dani0999]

you can as well try this:

 

// create short variable names

  $email=$_POST['email'];



if (function_exists("getmxrr") && function_exists("gethostbyname"))

  {

    // Extract the domain of the email address

    $maildomain = substr(strstr($email, '@'), 1);



    if (!(getmxrr($maildomain, $temp) ||

          gethostbyname($maildomain) != $maildomain))

    {

      print "The domain does not exist.";

      return true;

    }



}

 

this actually check if the doamin exits or not.

[forgottenglory]

you can not validate the whole email address, but the domain only.

 

try this:

if(!eregi('^[a-zA-Z0-9_\-\.]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$', $email))
{
	echo 'that is an invalid format of email address.';
	exit;
}
   else
{
	echo' valid email address';
}

 

regards

 

dan

 

This works fine Dan so I'll think I'll stick with that.  The only problem I have now is if somebody puts an invalid email address, the message

 

"that is an invalid format of email address."

 

is displayed.  What I would want the script to do is to return to the original page so that the user can see the form and enter their email address again.  How do you acheive this?  Thanks

[dani0999]

try this:

 

  if(!eregi('^[a-zA-Z0-9_\-\.]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$', $email))
{
	echo '<font color=red>that is an invalid format of email address.</font>';

}
   else
{
	echo' valid email address';
}

 

 

[forgottenglory]

Removing 'exit;' is not working because it's allowing invalid email addresses through and displays the following messages together:

 

that is an invalid format of email address.

 

Thank you, your e-mail has been sent. You will receive a confirmation message via the e-mail you address provided.

 

 

 

[forgottenglory]

Anybody?

[jitesh]

if(preg_match("/^[a-zA-Z_]+(\w+)*((-\w+)|(\.\w+))*\@\w+((\.|-)\w+)*\.\w+$/i",$_REQUEST['email']){
         echo "valid email";
}else{
        echo "Invalid Email";
}

[MadTechie]

Try this

 

<?php
if (!preg_match('/^\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b$/i', $email))
{
echo '
Invalid Email Address
<script type="text/javascript">
<!--
    window.location = "register.php"
//-->
</script>';
}
?>

 

timed example

<?php
if (!preg_match('/^\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b$/i', $email))
{
echo '
Invalid Email Address
<script type="text/javascript">
<!--
function register(){
    window.location = "register.php"
}
setTimeout("register()", 5000)
//-->
</script>';
}
?>

 

 

please note both are untested

[xyn]

this will work.

if(!preg_match('|^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z0-9]{2,4}$|i', $_POST['email']))
{
echo("invalid");
}
else
{
echo("Valid!");
}

[MadTechie]

@xyn: as a side note you don't need to the A-Z if you use the i at the end,

 

other than that its the basically the same as mine without the redirect, as requested

 

What I would want the script to do is to return to the original page so that the user can see the form and enter their email address again.  How do you acheive this?  Thanks

[xyn]

true; however shoudl active-X be disabled your javascript redirect will be useless.

maybe a META or HEADER would be more suited?

[MadTechie]

Erm.. what!

 

i assume you mean if javascript is disabled..

yes you could use meta tags

ie

<META http-equiv="refresh" content="5;URL=register.php">

 

but personally i would use header() for the redirect, but without knowing the full code, that could be a tin of worms.

 

but 90% of the signup pages i write i use JS to check the email, then re-check via php (saves server processing)

[xyn]

yes, i did mention both of those techniques..

i wasnt asking for a running commentary.

besides if js is off. your script is useless.

[MadTechie]

please re-read my last post!

[xyn]

I did. i dont care about the two validations;

one of those works. the other can be avoided.

 

[MadTechie]

well you don't seam to get what i am saying so.. i'm just going to drop it..