Is PHP confused about FILTER_VALIDATE_EMAIL?

HI

Please consider the following code:


var_dump(filter_var('a=b@test.com',  FILTER_VALIDATE_EMAIL));

Ideally the above email should be invalid and var_dump should return false but the strange thing is when u run this code on the following sites they return non similar results, can anyone tell me whats going on?

Site: http://codepad.org/MtDCoxxZ
Output: false

Site: http://writecodeonline.com/php/
Output: True

This seems familiar. First off, the two sites are running two different versions of PHP. codepad is running 5.2.5, and writecodeonline is running 5.4.15

I believe there was a change/correction to the filter_validate_email between these versions to better match the RFC standards. I’ll have to find that thread here on sitepoint.

how did u figure that out?

thanks

I put var_dump(phpversion()); in each one to see what it outputted

More information about when FILTER_VALIDATE_EMAIL was updated, it was in 5.3.3 (http://www.php.net/ChangeLog-5.php, search for “FILTER_VALIDATE_EMAIL filter needs updating”) and 5.2.14 (so codepad is running an old version of FILTER_VALIDATE_EMAIL), writecodeonline is running the latest change to that constant.

Hope that helps

oh ok, nice piece of info…thansk for sharing…

The php email filter doesn’t follow the RFC for email addresses in all versions of php. Ever since I found that out, I’ve been using my own regex filter for email addresses.

I’ve managed email lists in the past, so I’ve seen all sorts of wacky email address formats that were valid according to the RFC, but many websites wouldn’t accept them because of the limitations of their validation functions.

This is a little overly complex for just validating an email address, but I reuse portions of this for other things.


define('DELIM_S', "\\x02"); //starting delimiter
define('DELIM_E', "\\x02u"); //ending delimiter

define("REGEXSPLICE_DOMAIN", '(?:[a-zA-Z0-9](?:[\\.]?[-a-zA-Z0-9]+)*(?:\\.[a-zA-Z]{2,}){1})');
define("REGEXSPLICE_EMAIL_LOCALNAME", '(?:[a-zA-Z0-9-!#\\$%&\\'\\*\\+/=\\?\\^_`\\{\\|\\}~](?:[\\.]?[a-zA-Z0-9-!#\\$%&\\'\\*\\+/=\\?\\^_`\\{\\|\\}~]+)*)');
define("REGEXFULL_EMAIL", DELIM_S.'^'.REGEXSPLICE_EMAIL_LOCALNAME.'@'.REGEXSPLICE_DOMAIN.'$'.DELIM_E);


/**     
* converts number to boolean     
* @param string|int $num    
* @return bool    
*/    
function num2bool($num){        
    return (is_numeric($num) && $num>0) ? true : false;    
}

/**
* validates an email address
* @param string $mail 
* @param bool
*/
function isValidEmail($email){
    return num2bool(preg_match(REGEXFULL_EMAIL,$email));
}


/* start procedural scripting here */

$email = "me.something@example.org";
if(isValidEmail($email)){
    echo 'The email is valid';
}
else{
    echo 'The email is not valid';
}