2

I've been reading various posts on Stack Overflow to try and find an ideal way to validate a URL in PHP. My research has come up with three possible solutions, however, none of them are ideal.

The three methods mentioned are regex, filter_var ($url, FILTER_VALIDATE_URL) and parse_url (). The problems with the first approach are already well known, and the most comprehensive validation regex I could find spanned pages. The filter_var function built into the PHP filtering extension appears to have faults, such as treating a url like http://... as valid. The parse_url method is using a function that was never intended for URL validation and therefore can't be depended on for this task.

Are there any other options regarding URL validation in PHP that I may have missed?

GordonM
  • 31,179
  • 15
  • 87
  • 129
  • Grab a class that does it already. Zend_Validate_Hostname for isntance. – Layke Aug 20 '11 at 20:41
  • 4
    When you say URL validation, do you mean one that resolves to a page/response? Or a correctly formed one? Are you looking to validate only full URLs or relative URLs (like `google.com`)? – Alex Aug 20 '11 at 20:42

2 Answers2

2

How about you combine filter_var (which basically is a regex check that spans pages) with additional regex check for cases you don't think are covered well by it?

Mchl
  • 61,444
  • 9
  • 118
  • 120
  • 1
    I've just been revisiting this problem, and am finding FILTER_VALIDATE_URL to be utterly broken. It can't validate urls that contain IPV6 addresses. I'm thinking I need an approach that just avoids filter_var altogether. – GordonM Jan 10 '12 at 22:57
  • Or you might want to fill in a feature request on php.net, so that IPv6 support is added. Or both. – Mchl Jan 13 '12 at 08:30
  • 1
    Seems someone thought of that already. https://bugs.php.net/bug.php?id=54629 has been open for 8 months. Between this and the problems I ran into with FILTER_VALIDATE_EMAIL I'm getting the impression that php's built in filters are best avoided. – GordonM Jan 13 '12 at 08:45
  • They're unfortunately obsolte in many cases. Never or rarely updated since introduction, while at the same time formats they're supposed to validate have moved forward. – Mchl Jan 13 '12 at 08:57
  • Yeah, PHP does have the feeling of a project that's bogged down these days, doesn't it? – GordonM Jan 13 '12 at 08:59
  • Actually it moves along better than 2-3 years ago, when it practically stalled. Still it has some trouble finding enough skilled devs to implement new features as well us update existing ones. – Mchl Jan 13 '12 at 09:02
  • Yeah, I'm glad to see it moving again and 5.4 has some potentially nice features. Still, you'd think an 8 month old bug would have seen a bit more activity by now. – GordonM Jan 13 '12 at 10:12
1

I ussually use parse_url() for check/validate url (in most case, i need to determine whether the url is already a valid url or a relative url)

if (parse_url($url, PHP_URL_SCHEME) != '')
{
   // Url is absolute
}
else
{
   // Url is not an absolute url, and therefore, need more validation...
}
toopay
  • 1,635
  • 11
  • 18