Q. How do I verify input data such as email address under PHP programming language?
A. You need to use PHP Filters designed for safely dealing with input parameters. It can validate and filter data coming from some insecure source, such as user input via filter extension. This extension is part of PHP Core version 5.20 and above, but you can always install it under Linux. You can use filters to validate following type of data:
=> regex
=> url
=> email
=> strings
=> magic_quotes
=> regular data types such as int, float etc
Validate email address
Here is a sample code:
<? $email="vivek@nixcraft.com"; if ( filter_var($email, FILTER_VALIDATE_EMAIL) == TRUE) { echo 'Valid Email Address'; } else { echo 'Invalid Email Address'; } ?>
filter_var() will filter a variable with a specified filter. In this case you've used FILTER_VALIDATE_EMAIL filter. You may also want to sanitizes the e-mail using following code:
$out=filter_var($email, FILTER_SANITIZE_EMAIL);
Here is another sample:
<?php // form.php //.... //...... $_POST['email'] = stripslashes(trim($_POST['email'])); $tmpEmail=filter_var($_POST['email'], FILTER_SANITIZE_EMAIL); if ( filter_var($tmpEmail, FILTER_VALIDATE_EMAIL) == TRUE) { // callSmtp fireSmtp(); } else{ //show error echo 'Invalid Input - an error has occurred when trying to send this email'; } ///.... ?>
Further readings:
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
{ 6 comments… read them below or add one }
thanks. much it easier it seems.
please verify my e-mail
how verify email address
thankss….
Does the email filter check if an email is fake ? Or is there a sperate function to filter email domains?
Good contribution,thanks for sharing
Several problems with the FILTER_VALIDATE_EMAIL constant. Test it with gmail emails. It fails. Also fails with other types of email accounts.
re: problem with FILTER_VALIDATE_EMAIL
I believe the issue here is that if invalid the function returns FALSE. Else, if it is a valid email it returns the actual email address (instead of TRUE).
Best I can tell in PHP there is no native function that accepts a string and returns a boolean on where that string is a valid email or not. Moi? I wrote a simple function that uses FILTER_VALIDATE_EMAIL and returns TRUE if FILTER_VALIDATE_EMAIL returns !FALSE. Why there’s not something in PHP itself at this point, I don’t understand.