By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,168 Members | 1,564 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,168 IT Pros & Developers. It's quick & easy.

Help with email address validation using eregi()

P: n/a
Hi

The following script was taken from John Coggeshall's (PHP consultant) in his
article on Zends site at http://www.zend.com/zend/spotlight/ev12apr.php

// Get the email address to validate
$email = $_POST['email']
// Use John Coggeshalls script to validate the email address
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
echo "The e-mail was not valid";
}
else {
echo "The e-mail was valid";
}

In the first instance the script does not work if I copy and paste it into my
php file. I get a parse error message.
In the second instance, there are many postings relating to the scripts
effectiveness in that it will still allow email addresses that are invalid.
So I have 3 questions.
1) Why do I get the parse error message?
2) Is there a definitive email validation script?
3) Where can I find regular expressions or other form validation scripts to
validate things such as telephone numbers, postcodes, names that don't contain
numeric characters etc etc

Kind regards
Dynamo

Jul 17 '05 #1
Share this Question
Share on Google+
25 Replies


P: n/a
Dynamo wrote:
The following script was taken from John Coggeshall's (PHP consultant) in his
article on Zends site at http://www.zend.com/zend/spotlight/ev12apr.php

// Get the email address to validate
$email = $_POST['email']
Missing semicolon at the end.
eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email)
Too strict and too liberal at the same time.

[ ... ]
So I have 3 questions.
1) Why do I get the parse error message?
Ask PHP to tell you, not us.
2) Is there a definitive email validation script?
http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html is
often put forward here, but it requires Perl to fully
validate an address because the pattern itself does not
handle comments.
3) Where can I find regular expressions or other form validation scripts to
validate things such as telephone numbers,
DIY:

http://www.geocities.com/dtmcbride/r...e/tel-fmt.html
postcodes,
UK:

`([A-Z]{1,2})(\d[A-Z\d]?)\040(\d)([ABD-HJLNP-UW-Z]{2})`
names that don't contain numeric characters
Don't understand.
etc etc


Cannot compute.

--
Jock
Jul 17 '05 #2

P: n/a
In article <MP************************@News.Individual.NET> , John Dunlop says...
// Get the email address to validate
$email = $_POST['email']


Missing semicolon at the end.
eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email)


Too strict and too liberal at the same time.

[ ... ]
So I have 3 questions.
1) Why do I get the parse error message?


Ask PHP to tell you, not us.


Granted the semi-colon is missing in my post but it is present in my actual
script.

PHP simply sais Parse error. Unexpected '}' but I cannot see where.

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
echo "The e-mail was not valid";
}
else {
echo "The e-mail was valid";
}

This following script is taken from a posting by an 11 year old to validate
passwords.

if (!ereg('^[[:alnum:]]+$', $pass)) {
$err14 = "Password contains illegal characters</br>";
$errors = 1;
}

AND IT WORKS! Now if an 11 year old can do that and yet a php consultant posts a
script that doesn't work then where does that leave a 50 year old newbie like
me! DAZED and CONFUSED.

Regards
Dynamo

Jul 17 '05 #3

P: n/a
Carved in mystic runes upon the very living rock, the last words of
Dynamo of comp.lang.php make plain:
The following script was taken from John Coggeshall's (PHP consultant)
in his article on Zends site at
http://www.zend.com/zend/spotlight/ev12apr.php

// Get the email address to validate
$email = $_POST['email']
// Use John Coggeshalls script to validate the email address
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) { 1) Why do I get the parse error message?
You're missing a closing parenthesis at the end of your condition. But
this regex is not valid anyway. I don't know about it passing invalid
address, but it will not pass many valid ones. The fact is, virtually
anything is allowed to the left of the @ sign, and all regexes I've seen
for email validation fail to allow for this. Further, something like
"fp***********@ufidos.yy.zzz" would pass, but is obviously not a valid
address. The way to validate an email address is to break it down into
its parts and analyze the parts, for example:
2) Is there a definitive email validation script?
There's a pretty good email validation function in HoloLib:

ftp://ftp.holotech.net/hololib.zip
3) Where can I find regular expressions or other form validation
scripts to validate things such as telephone numbers, postcodes, names
that don't contain numeric characters etc etc


http://www.phorm.com/

--
Alan Little
Phorm PHP Form Processor
http://www.phorm.com/
Jul 17 '05 #4

P: n/a
Dynamo <Dy***********@newsguy.com> wrote:
1) Why do I get the parse error message?
Ask PHP to tell you, not us.


Granted the semi-colon is missing in my post but it is present in my actual
script.


Then post the real code!
PHP simply sais Parse error. Unexpected '}' but I cannot see where.
Is this the _real_ error? Are you sure it isn't: Unexpected '{' ?
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
There is a ')' missing here ^
This following script is taken from a posting by an 11 year old to validate
passwords.

if (!ereg('^[[:alnum:]]+$', $pass)) {
$err14 = "Password contains illegal characters</br>";
$errors = 1;
} AND IT WORKS!
No it doesn't... all it does is force weak passwords
Now if an 11 year old can do that and yet a php consultant posts a
script that doesn't work then where does that leave a 50 year old
newbie like me! DAZED and CONFUSED.


What are you trying to accomplish? IMHO email "validation" in PHP is a
total waste of time and resources. The regexp you found "validates"
the obvious invalid '-@-.xx' as a valid emailaddress, and the very possibly
valid 'f****@last.name' as invalid.

If you want to make sure the email is valid, the only way is to actually
send a challenge to the emailaddress and wait for the response.

Jul 17 '05 #5

P: n/a
In article <Xn**************************@216.196.97.132>, Alan Little says...
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {

1) Why do I get the parse error message?


You're missing a closing parenthesis at the end of your condition.


In my original post the closing parenthisis was there in the else part of the
statement or am I going mad?

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
echo "The e-mail was not valid";
}
else {
echo "The e-mail was valid";
} // closing parenthisis is here

But thanks for the other info.
Regards
Dynamo
Jul 17 '05 #6

P: n/a
Carved in mystic runes upon the very living rock, the last words of
Dynamo of comp.lang.php make plain:
In article <Xn**************************@216.196.97.132>, Alan Little
says...
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
1) Why do I get the parse error message?


You're missing a closing parenthesis at the end of your condition.

In my original post the closing parenthisis was there in the else part
of the statement or am I going mad?
You're thinking of the curly braces for the code block. I'm talking about
the parenthesis around the condition. You have:
if(!eregi("[the pattern]", $email) {

^
parenthesis missing
--
Alan Little
Phorm PHP Form Processor
http://www.phorm.com/
Jul 17 '05 #7

P: n/a
Carved in mystic runes upon the very living rock, the last words of
Daniel Tryba of comp.lang.php make plain:
What are you trying to accomplish? IMHO email "validation" in PHP is a
total waste of time and resources.

If you want to make sure the email is valid, the only way is to
actually send a challenge to the emailaddress and wait for the
response.


Ultimately, yes, that's the only way to know if an email address is valid:
send something and see if it bounces. But you can do some pre-checking that
is worthwhile for catching things like typos and so forth.

--
Alan Little
Phorm PHP Form Processor
http://www.phorm.com/
Jul 17 '05 #8

P: n/a
I can answer one of your questions...

This line:
$email = $_POST['email']

needs to be this:
$email = $_POST['email'];

I would also take a look at this site:

http://www.webreference.com/programming/php/regexps/
You may just want to make your own regular expressions.

Jul 17 '05 #9

P: n/a
I can answer one of your questions...

This line:
$email = $_POST['email']

needs to be this:
$email = $_POST['email'];

I would also take a look at this site:

http://www.webreference.com/programming/php/regexps/
You may just want to make your own regular expressions.

Jul 17 '05 #10

P: n/a
Alan Little <al**@n-o-s-p-a-m-phorm.com> wrote:
If you want to make sure the email is valid, the only way is to
actually send a challenge to the emailaddress and wait for the
response.
Ultimately, yes, that's the only way to know if an email address is valid:
send something and see if it bounces.


No, that's not the same, I can enter any valid address that isn't mine
and have it not bounce. Challenge/response as in: (double)opt-in
procedure.
But you can do some pre-checking that is worthwhile for catching
things like typos and so forth.


If it's that important ask the question twice (like is standard with
passwords) and asking the user for confirmation...

Jul 17 '05 #11

P: n/a
What is the parse error that you get?

Jul 17 '05 #12

P: n/a
Put the following javascript in the onsubmit() method of the form i.e
<form name=form1 onsubmit='return isReady(this)'>

function isReady(form) // assuming the form variable is called $email
{
if(form.email.value.indexOf("@")=="-1" ||
form.email.value.indexOf(".")=="-1" )
{
alert("Please enter a valid email address");
form.cust_email.select();
form.cust_email.focus();
return false;
}
return true;
}
Dynamo wrote:
Hi

The following script was taken from John Coggeshall's (PHP consultant) in his
article on Zends site at http://www.zend.com/zend/spotlight/ev12apr.php

// Get the email address to validate
$email = $_POST['email']
// Use John Coggeshalls script to validate the email address
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
echo "The e-mail was not valid";
}
else {
echo "The e-mail was valid";
}

In the first instance the script does not work if I copy and paste it into my
php file. I get a parse error message.
In the second instance, there are many postings relating to the scripts
effectiveness in that it will still allow email addresses that are invalid.
So I have 3 questions.
1) Why do I get the parse error message?
2) Is there a definitive email validation script?
3) Where can I find regular expressions or other form validation scripts to
validate things such as telephone numbers, postcodes, names that don't contain
numeric characters etc etc

Kind regards
Dynamo

Jul 17 '05 #13

P: n/a
In article <41***********************@dreader3.news.xs4all.nl >, Daniel Tryba
says...

Dynamo <Dy***********@newsguy.com> wrote:
1) Why do I get the parse error message?

Ask PHP to tell you, not us.


Granted the semi-colon is missing in my post but it is present in my actual
script.


Then post the real code!

[snip]
Humblest apologies
This following script is taken from a posting by an 11 year old to validate
passwords.

if (!ereg('^[[:alnum:]]+$', $pass)) {
$err14 = "Password contains illegal characters</br>";
$errors = 1;
}

AND IT WORKS!


No it doesn't... all it does is force weak passwords

[snip]

As a newbie, and having tried loads of supposed ready made validation scripts
that didn't work, I simply found it quite ironic that an 11 year old posted a
script that actually worked. When I say "worked" I mean it didn't cause any
parse error messages or any warnings as did other scripts from supposed php
consultants. Wether it is effective or not in that it may force weak passwords
is another issue far beyond my comprehension. It is not my intention to upset
anybody in this newsgroup and I appreciate your comments and will try adding the
extra parenthisis.

Kind Regards
Dynamo

Jul 17 '05 #14

P: n/a
In article <11**********************@z14g2000cwz.googlegroups .com>, powdahound
says...

What is the parse error that you get?

Thanks but I think its sorted

Jul 17 '05 #15

P: n/a
In article <11**********************@z14g2000cwz.googlegroups .com>,
ke***@keithslater.com says...

I can answer one of your questions...

This line:
$email = $_POST['email']

needs to be this:
$email = $_POST['email'];

I would also take a look at this site:

http://www.webreference.com/programming/php/regexps/
You may just want to make your own regular expressions.

Other related posts cover the missing ; which is not cause of the problem. But
thanks for the link. Found the site useful.
Regards
Dynamo

Jul 17 '05 #16

P: n/a
In article <Xn**************************@216.196.97.132>, Alan Little says...

Carved in mystic runes upon the very living rock, the last words of
Dynamo of comp.lang.php make plain:
You're thinking of the curly braces for the code block. I'm talking about
the parenthesis around the condition. You have:
if(!eregi("[the pattern]", $email) {

^
parenthesis missing

Humble apologies. Must get to grips with brackets,curly braces and parenthesis.
Thanks for spotting the error
Kind regards
Dynamo

Jul 17 '05 #17

P: n/a
Dynamo <Dy***********@newsguy.com> wrote:
AND IT WORKS!
No it doesn't... all it does is force weak passwords

[snip]

As a newbie, and having tried loads of supposed ready made validation
scripts that didn't work, I simply found it quite ironic that an 11
year old posted a script that actually worked. When I say "worked" I
mean it didn't cause any parse error messages or any warnings as did
other scripts from supposed php consultants. Wether it is effective
or not in that it may force weak passwords is another issue far beyond
my comprehension.


Those kind of programming errors are hardest to find: logica errors in
perfectly valid code :)
It is not my intention to upset
anybody in this newsgroup and I appreciate your comments and will try adding the
extra parenthisis.


A good editor helps to find these silly errors, syntax highlighting
(good against missing quotes or typos in functions) and counting
brackets are very usefull. To find one scan for an editor flamewar in
this groups (or any other programming group), but offcourse anyone knows
vim is the best for any task.

If you want to understand regexp, please read the PCRE section in the
PHP manual. It seems O'Reilly has a good book about regexps if you like
dead wood.

Jul 17 '05 #18

P: n/a
Peter <pe***********@forgeserversolutions.co.uk> wrote:
if(form.email.value.indexOf("@")=="-1" ||
form.email.value.indexOf(".")=="-1" )


A very poor solution. Did you know that since ECMAScript 1.3 (IIRC)
regular expressions are supported?

Jul 17 '05 #19

P: n/a
Carved in mystic runes upon the very living rock, the last words of
Daniel Tryba of comp.lang.php make plain:
But you can do some pre-checking that is worthwhile for catching
things like typos and so forth.


If it's that important ask the question twice (like is standard with
passwords)


Which most people (including me) just copy and paste. If you don't want to
do email address validation, you don't have to. No one is going to force
you to. I personally have found it worthwhile, as have many of my users,
but as with anything YMMV.

--
Alan Little
Phorm PHP Form Processor
http://www.phorm.com/
Jul 17 '05 #20

P: n/a
Hello,

On 12/02/2004 08:19 AM, Dynamo wrote:
2) Is there a definitive email validation script?
You may want to try this popular e-mail validation class that can go up
to the destination server to ask it whether the address is valid.

http://www.phpclasses.org/emailvalidation

3) Where can I find regular expressions or other form validation scripts to
validate things such as telephone numbers, postcodes, names that don't contain
numeric characters etc etc


You may also want to try this popular forms generation and validation class:

http://www.phpclasses.org/formsgeneration
--

Regards,
Manuel Lemos

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/

Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
Jul 17 '05 #21

P: n/a
I noticed that Message-ID:
<41***********************@dreader3.news.xs4all.nl > from Daniel Tryba
contained the following:
Those kind of programming errors are hardest to find: logica errors in
perfectly valid code :)


I run an Introduction to PHP class. When students moan about error
messages I tell them they should be grateful for them - the worst errors
are the ones that do not give a message.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 17 '05 #22

P: n/a
No need for the semicolon there, just add another ')' to round out your
IF...

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,
3})$", $email))

I use:

$pattern =
"^([A-Za-z0-9]+[._]?){1,}[A-Za-z0-9]+\@(([A-Za-z0-9]+[-]?){1,}[A-Za-z0-9]+\.
){1,}[A-Za-z]{2,6}$";
if (ereg($pattern,$email]))
{
// valid email
}
else
{
// invalid email
}

Norman
---
Avatar hosting at www.easyavatar.com
"Dynamo" <Dy***********@newsguy.com> wrote in message
news:co*********@drn.newsguy.com...
In article <MP************************@News.Individual.NET> , John Dunlop says...
// Get the email address to validate
$email = $_POST['email']


Missing semicolon at the end.
eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email)


Too strict and too liberal at the same time.

[ ... ]
So I have 3 questions.
1) Why do I get the parse error message?


Ask PHP to tell you, not us.


Granted the semi-colon is missing in my post but it is present in my

actual script.

PHP simply sais Parse error. Unexpected '}' but I cannot see where.

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-
]+)*(\.[a-z]{2,3})$", $email) {
echo "The e-mail was not valid";
}
else {
echo "The e-mail was valid";
}

This following script is taken from a posting by an 11 year old to validate passwords.

if (!ereg('^[[:alnum:]]+$', $pass)) {
$err14 = "Password contains illegal characters</br>";
$errors = 1;
}

AND IT WORKS! Now if an 11 year old can do that and yet a php consultant posts a script that doesn't work then where does that leave a 50 year old newbie like me! DAZED and CONFUSED.

Regards
Dynamo

Jul 17 '05 #23

P: n/a
I suggest trying this one:

$pattern =
"^([A-Za-z0-9]+[._]?){1,}[A-Za-z0-9]+\@(([A-Za-z0-9]+[-]?){1,}[A-Za-z0-9]+\.
){1,}[A-Za-z]{2,6}$";
What are you trying to accomplish? IMHO email "validation" in PHP is a
total waste of time and resources. The regexp you found "validates"
the obvious invalid '-@-.xx' as a valid emailaddress, and the very possibly valid 'f****@last.name' as invalid.

If you want to make sure the email is valid, the only way is to actually
send a challenge to the emailaddress and wait for the response.


I'm sure that checking the validity through 'regular expressions' prior to
'pinging' the email address can't hurt and would definately cut down on the
number of 'failed' email addresses.
Norman
--
Avatar hosting at www.easyavatar.com
Jul 17 '05 #24

P: n/a
"Daniel Tryba" <sp**@tryba.invalid> wrote in message
news:41***********************@dreader3.news.xs4al l.nl...
Alan Little <al**@n-o-s-p-a-m-phorm.com> wrote:
If you want to make sure the email is valid, the only way is to
actually send a challenge to the emailaddress and wait for the
response.


Ultimately, yes, that's the only way to know if an email address is valid: send something and see if it bounces.


No, that's not the same, I can enter any valid address that isn't mine
and have it not bounce. Challenge/response as in: (double)opt-in
procedure.
But you can do some pre-checking that is worthwhile for catching
things like typos and so forth.


If it's that important ask the question twice (like is standard with
passwords) and asking the user for confirmation...


Alot of times I just cut'n'paste in fields like that... I type fairly well
(meaning I don't usually make many errant keystrokes) and find myself
thinking I made a mistake the first time by having to enter the info again.

I choose to check the validity via regular expressions (to the best of my
ability) and then send an email requesting confirmation...
Norman
--
Avatar hosting at www.easyavatar.com
Jul 17 '05 #25

P: n/a
Norman Peelman wrote:
$pattern =
"^([A-Za-z0-9]+[._]?){1,}[A-Za-z0-9]+\@(([A-Za-z0-9]+[-]?){1,}[A-Za-z0-9]+\.
){1,}[A-Za-z]{2,6}$";
That pattern is restrictive to a fault. It fails to match
all valid addresses. us*********@john.dunlop.name is, in
accordance with usenet convention, real; yet applying the
pattern above to it yields no match.
I'm sure that checking the validity through 'regular expressions' prior to
'pinging' the email address can't hurt and would definately cut down on the
number of 'failed' email addresses.


Yes, but overly strict checking could hurt.

--
Jock
Jul 17 '05 #26

This discussion thread is closed

Replies have been disabled for this discussion.