Any alternative to regex email validation?

Question

I have managed to write a regex which validates an email.

'/[a-zA-Z0-9]+[a-zA-Z0-9_-]+(@{1})[a-zA-Z]+(\.)(com){1}/'

I am finding it pretty difficult to frame complete regex for email validation.

The thing is, I think it would be better for me if there is an alternative to regex.

Can this validation be done efficiently using if/else statements (or other conditional statements)?

Is there a fool-proof alternative to regex?

You know that you can find a regex for validating emails in like 5 seconds by googling it right? — Arg0n, Nov 28 '15 at 18:02
Did you see any of the other threads on SO on the topic? For example, http://stackoverflow.com/questions/46155/validate-email-address-in-javascript?rq=1. or even http://stackoverflow.com/questions/201323/using-a-regular-expression-to-validate-an-email-address?rq=1.. — chris85, Nov 28 '15 at 18:03
why use regex for validating email when php have built in function for that — Andrew, Nov 28 '15 at 18:03
@Arg0n Yes.I know that.But I use codes in my program only when I understand it completely. Its better to understand and do it in case I need to make some changes.Otherwise it would be like,I am just mugging up codes and pasting it. I should be capable of using regex in other cases also.right? — Mathews Mathai, Nov 28 '15 at 18:05
@Andrew Can you tell me more about it? I am a beginner.Please understand.I am not familiar with all the functions.Moreover,official php documentation makes it more confusing. — Mathews Mathai, Nov 28 '15 at 18:07
Just check for a `@` followed by a `.` and send a verification email if you care, unless you specifically know what your mail API will accept. The standard allows all kinds of crazy things in email addresses and domains. — Jeremy, Nov 28 '15 at 18:08
@DanWhite Will that prevent someone from using '/n' in the input box? I mean,I found that people often use that to enter malicious scripts into the database.I am not sure though.It's the internet knowledge. — Mathews Mathai, Nov 28 '15 at 18:09
@JeremyBanks What if someone enters some malicious codes if I don't check the string completely? — Mathews Mathai, Nov 28 '15 at 18:10
@MathewsMathai Javascript validation is a massive waste of time for all except cosmetic purposes, so no, it;'s not for that. You should fully validate on the backend. — ggdx, Nov 28 '15 at 18:11
Don't try and execute email addresses, and you'll be fine. That's an escaping problem, not a validation one. — Eric, Nov 28 '15 at 18:11
@MathewsMathai not sure you asking on frontend side or backend side...anways, if using php, you can use `var_dump(filter_var('bob@example.com', FILTER_VALIDATE_EMAIL));`, read more on http://php.net/manual/en/function.filter-var.php ... its pretty straight forward — Andrew, Nov 28 '15 at 18:11
@MathewsMathai *All user-provided input must be encoded when output.* Always use something like `htmlentities($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');` before displaying a value. *That* is how your protect yourself from XSS. See [this article](https://paragonie.com/blog/2015/06/preventing-xss-vulnerabilities-in-php-everything-you-need-know) for more information about that. You shouldn't need your email verification to worry about security. — Jeremy, Nov 28 '15 at 18:11
I am not sure if filter_var (@Andrew's suggestion) correctly supports internationalized domain names. — Jeremy, Nov 28 '15 at 18:13
@DanWhite Is it necessary to go through the complete documentation before using a particular programming language? Its a genuine doubt guys. — Mathews Mathai, Nov 28 '15 at 18:14
@JeremyBanks judging by his pattern, I dont think he is including international domain name...but its good to mention that — Andrew, Nov 28 '15 at 18:15
@Andrew Is international pattern something different from the regular example@gmail.com? — Mathews Mathai, Nov 28 '15 at 18:17
@MathewsMathai http://unicode.org/faq/idn.html It will still have an `@` and a `.`, but it's not restricted to latin letters and numbers. — Jeremy, Nov 28 '15 at 18:20
Thanks a lot for the help guys! I am planning to check out all these suggestions and use the best that suits me and my level of understanding! — Mathews Mathai, Nov 28 '15 at 18:24
as different language might have different approaches; solution might varies. I am getting out of this comment block. peace out — Andrew, Nov 28 '15 at 18:30
using `FILTER_VALIDATE_EMAIL` is the way to do it with PHP, but it doesn't handle all formats. A regex that handle all email addresses is longer than one page and is not really a serious alternative in production. Keep in mind that even if an email has a valid format, it may not exists. So the problem stays the same: you need to use an email confirmation procedure (send an email with a link to confirm). In this perspective, you only need to use a basic check. — Casimir et Hippolyte, Nov 28 '15 at 19:51

Eric · Answer 1 · 2015-11-28T23:17:13.740

1

Is there a best and fool-proof alternative to regex?

Pseudocode:

if (strpos($text, '@') === FALSE)
    print("not an email for sure")
else
    sendConfirmationEmailToVerifyItExists()

The best way to validate an email address is to send an email to it. Anything else will cause you to reject valid email addresses, because the rules are so complex.

edited Nov 28 '15 at 23:17

answered Nov 28 '15 at 18:05

Eric

95,302
53
242
374

sendConfirmationEmailToVerifyItExists() This one is not an inbuit function.right? Can you elaborate a bit on strpos()? – Mathews Mathai Nov 28 '15 at 18:12
1

That just checks if the emall contains a @. False as a return value means not. Read the docs. – Eric Nov 28 '15 at 18:14
Is regex syntax same in js and php? – Mathews Mathai Nov 28 '15 at 18:26
1

@MathewsMathai Why are you asking him? His answer isn't even using regex. If you have new separate questions then post them as new questions. – Jeremy Nov 28 '15 at 21:15

score 0 · Answer 2 · answered Nov 28 '15 at 18:16

In short, no, there is no better way to play with strings other than regular expressions unless you are using a library/package that provides out of the box functions to use. Their utility/importance is simply reflected by the fact that they are available in all languages in one capacity or the other.

Here is the long answer.

Your question implies that your problem is not limited to validating an email address but rather validating strings using regular expressions.

First off, for an alternative, you can surely break a string up and treat it any way you like. All modern languages have a comprehensive list of string functions that you can use. However, you should also know that it will not be worth the effort and will make your code look messy.

Ultimately, you will wonder is there an easier and better way to do this to which the answer will be regular expressions.

As for them being hard to learn, I have met software professionals who have 10+ years industry experience but still use Google for their regular expression needs so you are not alone in that regard.

The only way to get better at them is to keep learning and practicing but isn't that the case with every skill?

@MathewsMathai As far as I know, 75% of it is same in all the languages. The remaining 25% are just minor differences. — Noman Ur Rehman, Nov 28 '15 at 18:27

score 0 · Answer 3 · answered Nov 28 '15 at 18:34

0

In PHP, I use this function:

function validate_email($email)  
{  
    return filter_var($email, FILTER_VALIDATE_EMAIL) === false ? false : true;  
}

answered Nov 28 '15 at 18:34

CJ Nimes

648
7
10

1

what does it filter? I mean does it check for the international standards too? – Mathews Mathai Nov 28 '15 at 18:36
1

Good point. As far as I know, it is based on RFC 822, that means only ASCII characters. – CJ Nimes Nov 28 '15 at 18:48
Thanks a lot for the help! I would have upvoted your answer.But someone recently downvoted me to 14 and now I am not capable of upvoting. So sorry. – Mathews Mathai Nov 28 '15 at 18:51

score 0 · Accepted Answer · edited May 23 '17 at 12:30

0

HTML5 has the input type email:

<input type="email" ...>

This is supported in all browsers except safari.

With PHP, you can validate an email with:

$email = 'myEmail@gmail.com';
if (filter_var($email, FILTER_VALIDATE_EMAIL))
{
    echo 'Email is considered to be valid';
}

PHP Validation

Here is more about JavaScript email validation with a regex.

Notes:

Thinking about how should the regex look like for an email validation is not so easy. Other smart guys have spent their time with it. Just copy and paste the regex from a serious source (with permission), link to it, and you are done.

edited May 23 '17 at 12:30

Community

1
1

answered Nov 28 '15 at 18:37

Is HTML 'type=email' , a validation in itself? HTML is just a markup language,right? Is it capable of checking for validity? I mean,will it show an error if I enter 'Helloworld' instead of a mail id? – Mathews Mathai Nov 28 '15 at 18:41
Yes, it does! You can test it here: https://jsfiddle.net/zo4xk0jk/ – Nov 28 '15 at 18:47
If the answer hast helped, feel free to upvote! – Nov 28 '15 at 18:50
Someone just downvoted my post. And I am back to 14 reputations.Not capable to upvote.So sorry! – Mathews Mathai Nov 28 '15 at 18:52
1

_"You can go through the three validations [...] Then it is very likely an email address!"_ - it also becomes increasingly likely that a valid email address was _rejected_. Try `"Look at all these spaces!"@example.com` on for size. – Eric Nov 28 '15 at 23:16
Thanks for your hint! I've updated my answer. – Nov 29 '15 at 08:05

Any alternative to regex email validation?

4 Answers4