Here's a slick way of validating an email address that someone passes you through your contact form:
if (eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $from)) {
// code to send e-mail goes here
}

I'd change a few things.

$email = trim($email);
if (preg_match('/^[a-z0-9._-]+@[a-z0-9._-]+\.([a-z]{2,4})$/i', $email)) {
// code to send e-mail goes here
}

Still, if you use this, understand that it is not infallible.(sp?) All it does is screen out someone from typing "dga;sfgharggnjg" into the email box. a@b.c would beat the script, as would 1@2.3. But, this script is still great at screening out some nonsense submissions.

Dan

a@b.c would beat the script, as would 1@2.3. But, this script is still great at screening out some nonsense submissions.
Nope. The regular expression says that there must be two to four characters after the @ symbol and that they must be alphabetic. I have this code in place in my contact form, and both your examples don't skirt my edits.

What might be interesting is using the Validate PEAR package. I haven't tried that, but it's supposed to somehow validate the domain as well as the email address.

Nope. The regular expression says that there must be two to four characters after the @ symbol and that they must be alphabetic. I have this code in place in my contact form, and both your examples don't skirt my edits.

What might be interesting is using the Validate PEAR package. I haven't tried that, but it's supposed to somehow validate the domain as well as the email address.

Actually I believe it's 2-4 chars after the period for the TLD. 1@2.aa would work.

Actually I believe it's 2-4 chars after the period for the TLD. 1@2.aa would work.
Proving once again that I'm terrible about interpreting regular expressions. ;)

I just tested your example, and it does pass the edits in my contact form.

There also needs to be a clause written into the regex to allow an additional period and 2-4 chars for domains such as .co.uk. I wrote the clause below:

$email = trim($email);
if (preg_match('/^[a-z0-9._-]+@[a-z0-9._-]+\.([a-z]{2,4})($|\.([a-z]{2,4})$)/i', $email)) {
// code to send e-mail goes here
}

It has worked with .co.uk before. :p

It doesn't seem like it would, as a period is not allowed and co.uk is five characters. *shrug*

It's becouse the .co matches with the "[a-z0-9._-]+" part just after the @.
From:
email@site.co.uk
it matches like this:
[a-z0-9._-]+ => email
@ => @
[a-z0-9._-]+ => site.co
\. => .
([a-z]{2,4}) => uk

It'd probably be best to modify it to comply to RFC 2822 (http://www.faqs.org/rfcs/rfc2822), which is more or less the rules as to what is, and what isn't a valid email address. Examples are: user@example.com, User <user@example.com>

It's becouse the .co matches with the "[a-z0-9._-]+" part just after the @.
From:
email@site.co.uk
it matches like this:
[a-z0-9._-]+ => email
@ => @
[a-z0-9._-]+ => site.co
\. => .
([a-z]{2,4}) => uk

Ahh I see. My apologies.

Nope. The regular expression says that there must be two to four characters after the @ symbol and that they must be alphabetic. I have this code in place in my contact form, and both your examples don't skirt my edits.

Sorry, I misread the code.


Proving once again that I'm terrible about interpreting regular expressions.

Don't feel so bad ;)

This is the expression I use to check against email address submissions...
preg_match("/^(([^<>()[\]\\\\.,;:\s@\"]+(\.[^<>()[\]\\\\.,;:\s@\"]+)*)|(\"([^\"\\\\\r]|(\\\\[\w\W]))*\"))@((\[([0-9]{1,3}\.){3}[0-9]{1,3}\])|(([a-z\-0-9áàäçéèêñóòôöüæøå]+\.)+[a-z]{2,}))$/i", $_POST['email_address'])

It'd probably be best to modify it to comply to RFC 2822 (http://www.faqs.org/rfcs/rfc2822), which is more or less the rules as to what is, and what isn't a valid email address.


Fwiw…

http://www.regexlib.com/REDetails.aspx?regexp_id=711
^((?>[a-zA-Z\d!#$%&'*+\-/=?^_`{|}~]+\x20*|"((?=[\x01-\x7f])[^"\\]|\\[\x01-\x7f])*"\x20*)*(?<angle><))?((?!\.)(?>\.?[a-zA-Z\d!#$%&'*+\-/=?^_`{|}~]+)+|"((?=[\x01-\x7f])[^"\\]|\\[\x01-\x7f])*")@(((?!-)[a-zA-Z\d\-]+(?<!-)\.)+[a-zA-Z]{2,}|\[(((?(?<!\[)\.)(25[0-5]|2[0-4]\d|[01]?\d?\d)){4}|[a-zA-Z\d\-]*[a-zA-Z\d]:((?=[\x01-\x7f])[^\\\[\]]|\\[\x01-\x7f])+)\])(?(angle)>)$

http://www.regexlib.com/REDetails.aspx?regexp_id=26
^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$

would this work for something like email@address.co.nz?

would this work for something like email@address.co.nz?
I have this validation code in place on my contact form. I just tried it with your hypothetical email address, and it passed the validation.

What about

me@downtown.museum

remember that museum is a valid top level domain.

How about

me@[124.56.137.21]

Using the ip address in place of the domain name is also valid.

Neither one of those email addresses passes validation using the regular expression we've been discussing in this thread. I just tried it with the contact form on my website, which has that code in it.

i dont write php but couldnt half of these regular expressions be cut down using \w (or \W, i forget which) instead of a-zA-Z0-9_