Topic awaiting preservation: Really Solid Email Validation Regular Expression? $Pages that link to <a href="https://ozoneasylum.com/backlink?for=25664" title="Pages that link to Topic awaiting preservation: Really Solid Email Validation Regular Expression?" rel="nofollow" >Topic awaiting preservation: Really Solid Email Validation Regular Expression?\$

Author	Thread
WarMage Maniac (V) Mad Scientist From: Rochester, New York, USA Insane since: May 2000	posted 05-03-2005 16:15 I am looking for a really solid email validation regular expression. I have worked with a bunch in the past, but none of them were what I would considerer hardened. Anyone have on that really follows the Standards? Here are a couple that I came up with off the top of my head, but I am not sure if they do a good job at all. ^[a-zA-Z][\w\.-][\w]@[\w][\w\.-][\w]\.[a-zA-Z][a-zA-Z\.][a-zA-Z]$ ^([a-zA-Z][\w-+]\.?)+@([a-zA-Z][\w]\.)([a-zA-Z][\w]+\.?)+$ Could you share all your email based regex's? Dan @ Code Town
DmS Maniac (V) Inmate From: Sthlm, Sweden Insane since: Oct 2000	posted 05-03-2005 18:22 this is what I usually use, no idea on how good it really is: ^(.+)@([^\(\);:,<>]+\.[a-zA-Z]{2,6}) <edit> Btw, this might be of help http://www.rfc-editor.org/rfc/rfc2822.txt </edit> /Dan {cell 260} {Blog} -{ ?The Internet treats censorship as a malfunction and routes around it.? (-Barlow, John Perry) }- (Edited by DmS on 05-03-2005 18:24)
WarMage Maniac (V) Mad Scientist From: Rochester, New York, USA Insane since: May 2000	posted 05-03-2005 20:25 Woah! Wouldn't that first .+ let something like ';DROP DATABASE *;@somewhere.com in? Might want to watch that. Not going to get through that RFC in a day... Dan @ Code Town
kuckus Paranoid (IV) Mad Librarian From: Glienicke Insane since: Dec 2001	posted 05-03-2005 20:52 I have used this one from Trib's GN tutorial: code: ^[_a-z0-9-]+(.[_a-z0-9-]+)@[a-z0-9-]+(.[a-z0-9-]+)(.[a-z]{2,3})$ but now I look at it again that doesn't look like it would work too well for addresses ending in .info or .name and those other strange new TLDs. So I guess having 2-4 in the curly braces instead would be an idea? Trib also links to an expression that is supposed to test for full RFC comliance, but the file seems to have disappeared and Google is no help finding it....
GRUMBLE Paranoid (IV) Mad Scientist From: Omicron Persei 8 Insane since: Oct 2000	posted 05-03-2005 20:59 hmmm... cant edit... making new post.... (Edited by GRUMBLE on 05-03-2005 21:00) (Edited by GRUMBLE on 05-03-2005 21:00) (Edited by GRUMBLE on 05-03-2005 21:09)
GRUMBLE Paranoid (IV) Mad Scientist From: Omicron Persei 8 Insane since: Oct 2000	posted 05-03-2005 21:01 EDIT: seems as if there are parts that get autolinked, and the code tag doesnt show everything in the line. i once found one that is quite long. i dont know much about how it performs in practice. ^[-_.[:alnum:]]+@((([[:alnum:]]\|[[:alnum:]][[:alnum:]-][[:alnum:]])\.)+(ad\|ae\|aero\|af\|ag\|ai\|al\|am\|an\|ao\|aq\|ar\|arpa\|as\|at\|au\|aw\|az\|ba\|bb\|bd\|be\|bf\|bg\|bh\|bi\|biz\|bj\|bm\|bn\|bo\|br\|bs\|bt\|bv\|bw\|by\|bz\|ca\|cc\|cd\|cf\|cg\|ch\|ci\|ck\|cl\|cm\|cn\|co\|com\|coop\|cr\|cs\|cu\|cv\|cx\|cy\|cz\|de\|dj\|dk\|dm\|do\|dz\|ec\|edu\|ee\|eg\|eh\|er\|es\|et\|eu\|fi\|fj\|fk\|fm\|fo\|fr\|ga\|gb\|gd\|ge\|gf\|gh\|gi\|gl\|gm\|gn\|gov\|gp\|gq\|gr\|gs\|gt\|gu\|gw\|gy\|hk\|hm\|hn\|hr\|ht\|hu\|id\|ie\|il\|in\|info\|int\|io\|iq\|ir\|is\|it\|jm\|jo\|jp\|ke\|kg\|kh\|ki\|km\|kn\|kp\|kr\|kw\|ky\|kz\|la\|lb\|lc\|li\|lk\|lr\|ls\|lt\|lu\|lv\|ly\|ma\|mc\|md\|mg\|mh\|mil\|mk\|ml\|mm\|mn\|mo\|mp\|mq\|mr\|ms\|mt\|mu\|museum\|mv\|mw\|mx\|my\|mz\|na\|name\|nc\|ne\|net\|nf\|ng\|ni\|nl\|no\|np\|nr\|nt\|nu\|nz\|om\|org\|pa\|pe\|pf\|pg\|ph\|pk\|pl\|pm\|pn\|pr\|pro\|ps\|pt\|pw\|py\|qa\|re\|ro\|ru\|rw\|sa\|sb\|sc\|sd\|se\|sg\|sh\|si\|sj\|sk\|sl\|sm\|sn\|so\|sr\|st\|su\|sv\|sy\|sz\|tc\|td\|tf\|tg\|th\|tj\|tk\|tm\|tn\|to\|tp\|tr\|tt\|tv\|tw\|tz\|ua\|ug\|uk\|um\|us\|uy\|uz\|va\|vc\|ve\|vg\|vi\|vn\|vu\|wf\|ws\|ye\|yt\|yu\|za\|zm\|zw)\|(([0-9][0-9]?\|[0-1][0-9][0-9]\|number2[0-4][0-9]\|number2 Ron Gallant[0-5])\.){3}([0-9][0-9]?\|[0-1][0-9][0-9]\|number2[0-4][0-9]\|number2 Ron Gallant[0-5]))$ and this is from the official RFC specification addr-spec = local-part "@" domain local-part = atom ("." atom) domain = atom *("." atom) atom = all ASCII-chars from 33 to 126 exclusive specials specials = "(" / ")" / "<" / ">" / "@"/ "," / ";" / ":" / "\" / <">/ "." / "[" / "]" so if you can build a regexp from this one you are 100% sure its valid. (Edited by GRUMBLE on 05-03-2005 21:10) (Edited by GRUMBLE on 05-03-2005 21:10) (Edited by GRUMBLE on 05-03-2005 21:13)
DmS Maniac (V) Inmate From: Sthlm, Sweden Insane since: Oct 2000	posted 05-03-2005 22:14 WarMage, well I never ever said I was any good with regexes... But yes, looking at it again after a long time since I wrote it, I can only say that you seem to be so right, so right However, I never ever trust DB-input with only something like this, without exception I'm running everything going to a db through other sanitizing checks. A check like this is only to make sure that it's a format corresponding to a normal mailadress syntax, but it does need improvment, that's for sure /Dan {cell 260} {Blog} -{ ?The Internet treats censorship as a malfunction and routes around it.? (-Barlow, John Perry) }-
jiblet Paranoid (IV) Inmate From: Minneapolis Insane since: May 2000	posted 05-13-2005 22:08 One of my employees created this one directly from the spec, and I think it's about as good as it gets without trying to validate actual top-level domains: code: /^[-^!#$%&'+\/=?`{\|}~.\w]+@[a-zA-Z0-9]([-a-zA-Z0-9][a-zA-Z0-9])(\.[a-zA-Z0-9]([-a-zA-Z0-9][a-zA-Z0-9])*)+$/ -jiblet
Pugzly Paranoid (IV) Inmate From: 127.0.0.1 Insane since: Apr 2000	posted 05-14-2005 18:06 For those of us who are COMPLETELY regex-phobic, could someone post a copy&pastable function using that?
WarMage Maniac (V) Mad Scientist From: Rochester, New York, USA Insane since: May 2000	posted 05-15-2005 00:45 code: function validate($email){ $pattern = "^[-^!#$%&'+\/=?`{\|}~.\w]+@[a-zA-Z0-9]([-a-zA-Z0-9][a-zA-Z0-9])(\.[a-zA-Z0-9]([-a-zA-Z0-9][a-zA-Z0-9])*)+$"; if(ereg($pattern,$email)){ return 1; } return 0; } Dan @ Code Town
Steve Maniac (V) Inmate From: Boston, MA, USA Insane since: Apr 2000	posted 05-15-2005 13:36 Helpful stuff: Check out the "form validation" tutorial here: http://www.php-mysql-tutorial.com/ And the "validateEmail" PHP script on this page: http://www.howtocreate.co.uk/php/
jiblet Paranoid (IV) Inmate From: Minneapolis Insane since: May 2000	posted 05-19-2005 17:04 Here's the original function, short and sweet: function is_valid_email( $email ) { return preg_match( "/^[-^!#$%&'+\/=?`{\|}~.\w]+@[a-zA-Z0-9]([-a-zA-Z0-9][a-zA-Z0-9])(\.[a-zA-Z0-9]([-a-zA-Z0-9][a-zA-Z0-9])*)+$/", $email ); } (Edited by jiblet on 05-19-2005 17:05)
bitdamaged Maniac (V) Mad Scientist From: 100101010011 <-- right about here Insane since: Mar 2000	posted 05-19-2005 18:14 This thread reminds me how if I want to act like programming is some mystical black art ( which we all know it really isn't) I just show my audience any regular expression I'm working on. .:[ Never resist a perfect moment ]:.

Topic awaiting preservation: Really Solid Email Validation Regular Expression?\$

Author

Thread

WarMage
Maniac (V) Mad Scientist

From: Rochester, New York, USA
Insane since: May 2000

posted 05-03-2005 16:15

I am looking for a really solid email validation regular expression. I have worked with a bunch in the past, but none of them were what I would considerer hardened. Anyone have on that really follows the Standards?

Here are a couple that I came up with off the top of my head, but I am not sure if they do a good job at all.

^[a-zA-Z][\w\.-]*[\w]@[\w][\w\.-]*[\w]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$

^([a-zA-Z][\w-+]*\.?)+@([a-zA-Z][\w]\.)([a-zA-Z][\w]+\.?)+$

Could you share all your email based regex's?

Dan @ Code Town

DmS
Maniac (V) Inmate

From: Sthlm, Sweden
Insane since: Oct 2000

posted 05-03-2005 18:22

this is what I usually use, no idea on how good it really is:

^(.+)@([^;:,<>]+\.[a-zA-Z]{2,6})

<edit>
Btw, this might be of help http://www.rfc-editor.org/rfc/rfc2822.txt </edit>
/Dan

{cell 260} {Blog}
-{ ?The Internet treats censorship as a malfunction and routes around it.? (-Barlow, John Perry) }-

(Edited by DmS on 05-03-2005 18:24)

WarMage
Maniac (V) Mad Scientist

From: Rochester, New York, USA
Insane since: May 2000

posted 05-03-2005 20:25

Woah!

Wouldn't that first .+ let something like

';DROP DATABASE *;@somewhere.com

in?

Might want to watch that.

Not going to get through that RFC in a day...

Dan @ Code Town

kuckus
Paranoid (IV) Mad Librarian

From: Glienicke
Insane since: Dec 2001

posted 05-03-2005 20:52

I have used this one from Trib's GN tutorial:

code:

^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,3})$

but now I look at it again that doesn't look like it would work too well for addresses ending in .info or .name and those other strange new TLDs. So I guess having 2-4 in the curly braces instead would be an idea?

Trib also links to an expression that is supposed to test for full RFC comliance, but the file seems to have disappeared and Google is no help finding it....

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted 05-03-2005 20:59

hmmm... cant edit...
making new post....

(Edited by GRUMBLE on 05-03-2005 21:00)

(Edited by GRUMBLE on 05-03-2005 21:00)

(Edited by GRUMBLE on 05-03-2005 21:09)

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted 05-03-2005 21:01

EDIT: seems as if there are parts that get autolinked, and the code tag doesnt show everything in the line.

i once found one that is quite long. i dont know much about how it performs in practice.

^[-_.[:alnum:]]+@((([[:alnum:]]|[[:alnum:]][[:alnum:]-]*[[:alnum:]])\.)+(ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)|(([0-9][0-9]?|[0-1][0-9][0-9]|number2[0-4][0-9]|number2 Ron Gallant[0-5])\.){3}([0-9][0-9]?|[0-1][0-9][0-9]|number2[0-4][0-9]|number2 Ron Gallant[0-5]))$

and this is from the official RFC specification

addr-spec = local-part "@" domain

local-part = atom *("." atom)

domain = atom *("." atom)

atom = all ASCII-chars from 33 to 126 exclusive specials

specials = "(" / ")" / "<" / ">" / "@"/ "," / ";" / ":" / "\" / <">/ "." / "[" / "]"

so if you can build a regexp from this one you are 100% sure its valid.

(Edited by GRUMBLE on 05-03-2005 21:10)

(Edited by GRUMBLE on 05-03-2005 21:10)

(Edited by GRUMBLE on 05-03-2005 21:13)

DmS
Maniac (V) Inmate

From: Sthlm, Sweden
Insane since: Oct 2000

posted 05-03-2005 22:14

WarMage, well I never ever said I was any good with regexes...
But yes, looking at it again after a long time since I wrote it, I can only say that you seem to be so right, so right

However, I never ever trust DB-input with only something like this, without exception I'm running everything going to a db through other sanitizing checks.

A check like this is only to make sure that it's a format corresponding to a normal mailadress syntax, but it does need improvment, that's for sure

/Dan

{cell 260} {Blog}
-{ ?The Internet treats censorship as a malfunction and routes around it.? (-Barlow, John Perry) }-

jiblet
Paranoid (IV) Inmate

From: Minneapolis
Insane since: May 2000

posted 05-13-2005 22:08

One of my employees created this one directly from the spec, and I think it's about as good as it gets without trying to validate actual top-level domains:

code:

/^[-^!#$%&'*+\/=?`{|}~.\w]+@[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])*(\.[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])*)+$/

-jiblet

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted 05-14-2005 18:06

For those of us who are COMPLETELY regex-phobic, could someone post a copy&pastable function using that?

WarMage
Maniac (V) Mad Scientist

From: Rochester, New York, USA
Insane since: May 2000

posted 05-15-2005 00:45

code:

function validate($email){

  $pattern = "^[-^!#$%&'*+\/=?`{|}~.\w]+@[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])*(\.[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])*)+$";



  if(ereg($pattern,$email)){

    return 1;

  }

  return 0;

}

Dan @ Code Town

Steve
Maniac (V) Inmate

From: Boston, MA, USA
Insane since: Apr 2000

posted 05-15-2005 13:36

Helpful stuff:

Check out the "form validation" tutorial here:
http://www.php-mysql-tutorial.com/

And the "validateEmail" PHP script on this page:
http://www.howtocreate.co.uk/php/

jiblet
Paranoid (IV) Inmate

From: Minneapolis
Insane since: May 2000

posted 05-19-2005 17:04

Here's the original function, short and sweet:

function is_valid_email( $email ) {
return preg_match( "/^[-^!#$%&'*+\/=?`{|}~.\w]+@[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])*(\.[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])*)+$/", $email );
}

(Edited by jiblet on 05-19-2005 17:05)

bitdamaged
Maniac (V) Mad Scientist

From: 100101010011 <-- right about here
Insane since: Mar 2000

posted 05-19-2005 18:14

This thread reminds me how if I want to act like programming is some mystical black art ( which we all know it really isn't) I just show my audience any regular expression I'm working on.

.:[ Never resist a perfect moment ]:.