i use he filter_var php function to validate email address when a user sign up to my site
so i use this code form the post:
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
then later i do:
if(!$email) {
// return to the form
}
else {
// send registration info
}
now when i var_dump($email)
output:
string(23) "user."name"@example.com"
i would like to know why this not return false, i think the double quotes are not acceptable why PHP say it's valid?
Source: Tips4all
It is a valid email address :
ReplyDeleteA quoted string may exist as a dot separated entity within the
local-part or it may exist when the outermost quotes are the outermost
chars of the local-part (e.g. abc."defghi".xyz@example.com or
"abcdefghixyz"@example.com are allowed. abc"defghi"xyz@example.com is
not; neither is abc\"def\"ghi@example.com). Quoted strings and
characters however, are not commonly used. RFC 5321 also warns that "a
host that expects to receive mail SHOULD avoid defining mailboxes
where the Local-part requires (or uses) the Quoted-string form" (sic).
I had the same problem (see ladaraider on why it's valid) and here's how I fixed it:
ReplyDeletefilter_var($email, FILTER_SANITIZE_EMAIL);
eg:
$email = 'user."name"@example.com';
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
will output:
string(21) "user.name@example.com"
Then you can validate the email using your validation.
you can get more information on the php site