1

I don’t have access to a SMTP server without upgrading, which I can’t right now.

Is there any other method that I can use to ensure that users enter valid email addresses in my database. I have to go on a free web host (currently xtreemhost) for at least the next few weeks. I just finished the site and want to test it first.

I use php-mysql for the website.

Jonathan Leffler
  • 730,956
  • 141
  • 904
  • 1,278
user882440
  • 555
  • 1
  • 5
  • 7
  • http://stackoverflow.com/questions/201323/what-is-the-best-regular-expression-for-validating-email-addresses/201378#201378 – André Paramés Aug 13 '11 at 15:51
  • Ah I had an answer on how you can send an email email with a random token. But then I realized you don't have a smtp. :( – Amir Raminfar Aug 13 '11 at 15:55
  • Don't forget that even a 'valid email address' may have been submitted by someone other than the owner of that address, so that the owner of the email address gets spammed by your web site, leading to your web site being blacklisted. You have to find a way to ensure that the owner of the email address really wanted to be subscribed to your site. Offhand, SMTP is the best way. – Jonathan Leffler Aug 13 '11 at 16:40

3 Answers3

3

Introduction

You can validate the email's form, meaning you can tell if it's a valid email address, but you cannot check whether the email address actually exists.

Answer

As for the validation itself, there are many ways of doing it,

  • One would be to use filter_var()

     filter_var('bob@example.com', FILTER_VALIDATE_EMAIL)

Side Note: REGEX is not recommended to verify emails. If you do, Jon Skeet will come to you at night.

Community
  • 1
  • 1
Madara's Ghost
  • 172,118
  • 50
  • 264
  • 308
  • I know what you are saying as I do use reg exps to validate but that`s all . I just want some idea to know that the user is really interested in the site and not a spammer . – user882440 Aug 13 '11 at 15:52
  • In which case, like the introduction explains, it's not possible. Sorry ;) – Madara's Ghost Aug 13 '11 at 15:55
  • Why did you say "This has been discussed thoroughly regex should not be used as an email validator." and then recommend an article which proposes a regex? (And not quite the best one at that.) - Also you do realize what FILTER_VALIDATE_EMAIL is actually based on? – mario Aug 13 '11 at 15:55
  • @yes123 Read the article thoroughly, it discourages the use of REGEX in favor of more sophisticated ways. – Madara's Ghost Aug 13 '11 at 15:56
  • @rikudo? what are you talking about? the part titled "Listing 2. A Better Example from ILoveJackDaniel's" still uses ereg – dynamic Aug 13 '11 at 16:07
  • This will just be a regex. See [the source](http://svn.php.net/viewvc/php/php-src/trunk/ext/filter/logical_filters.c?view=markup). The regex has about 1000 characters, thought. – Chronial Aug 14 '11 at 10:33
  • But it will not accept very weird but still valid mails like `"Fred Bloggs"@example.com`. – Chronial Aug 14 '11 at 10:39
  • @Chronial true, but no one in their right mind will have an email like that. – Madara's Ghost Aug 14 '11 at 13:42
1

One of the things you can do is check if domain is valid via WHOIS lookup or ping. If somebody enters john@doe.com you try to whois lookup doe.com and ping that domain as well. If domain does not exists, email is not valid.

Also asking to type email twice does a good job for me - people stop making spelling mistakes in their emails.

Also good validation via regexp for an email is must-have.

trailmax
  • 34,305
  • 22
  • 140
  • 234
  • 2
    validation via regexp is a must-not-have. – Madara's Ghost Aug 13 '11 at 16:02
  • well I don`t think php has any builtn in fucntion to make that possible but I like your idea . If only you could share something on how to do it , it would be really helpful. – user882440 Aug 13 '11 at 16:02
  • I posted my answer. Check it out. – Madara's Ghost Aug 13 '11 at 16:12
  • @Rikudo Sennin Article you reference ends up checking against regexp anyway. And is not entirely correct overall. – trailmax Aug 13 '11 at 16:14
  • @user882440 For php ping example you can have a look here: http://www.codediesel.com/php/ping-a-server-using-php/ Whois is slightly more complicated, but there are plenty of libraries available for php. – trailmax Aug 13 '11 at 16:17
-1

Here is the list going from simplest to most accurate that I have seen most often.

  • Regex - check and make sure it is a valid email format. I have seen some good code snippets on Stack Overflow for this - free and simple but doesn't determine if the email, or even the domain, actually exists.

  • Check if the domain has an MX-Server - More accurate then regex since at least the domain is checked in realtime - free and fairly simple to implement but doesn't determine if the user exists.

  • Use a commercial solution - most accurate (verifies the actual email address is valid and can accept messages), simple to implement (REST/SOAP), but not free

Hope this helps.

Peter O.
  • 32,158
  • 14
  • 82
  • 96
Justin Helmig
  • 66
  • 3