Need help editing this email validation script

Years ago I found this script and put it on my website to validate email addresses. But now there are email addresses like that can’t register on my site because the script is looking for at least two digits before the “.com” Can someone point out the line I need to change to fix this problem? I looked through it and it’s all Greek to me.


<script language="JavaScript" type="text/JavaScript">
function MM_findObj(n, d) { //v4.01
  var p,i,x;  
  if(!d) d=document; 
  if((p=n.indexOf("?"))>0&&parent.frames.length) {
  for (i=0;!x&&i<d.forms.length;i++) 
  if(!x && d.getElementById) 
  return x;

function MM_validateForm() { //v4.0
  var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
  for (i=0; i<(args.length-2); i+=3) { 
    if (val) {; 
      if ((val=val.value)!="") {
        if (test.indexOf('isEmail')!=-1) { 
         if(junkjunk=val.match(/(\\w+[\\w|\\.|-]*\\w+)(@\\w+[\\w|\\.|-]*\\w+\\.\\w{2,4})/)) {
                // valid email, do nothing
              } else {
                errors+='- '+args[i+1]+' must contain a valid e-mail address.\

        else if (test!='R') { 
          num = parseFloat(val);
          if (isNaN(val)) 
            errors+='- '+args[i+1]+' must contain a number.\
          if (test.indexOf('inRange') != -1) { 
            if (num<min || max<num)
              errors+='- '+args[i+1]+' must contain a number between '+min+' and '+max+'.\
      else if (test.charAt(0) == 'R') {
        errors += '- '+args[i+1]+' is a required field\
  if (errors) alert('Please address the following:\
  document.MM_returnValue = (errors == '');

Those dreamweaver scripts are notoriously horrible.

It will also fail if the bit before “@” is only one character long. The only bit that checks for the email being valid is this:

if(junkjunk=val.match(/(\\w+[\\w|\\.|-]*\\w+)(@\\w+[\\w|\\.|-]*\\w+\\.\\w{2,4})/)) {
  // valid email, do nothing

Validating an email address properly is a difficult task, and with the arrival of internationalised domain names, lots of email validation scripts will break. I would just do this:

if (/^[^ @]+@[^ @]+\\.[a-zA-Z]{2,6}$/.test(email_string)) {
  not invalid

This has the disadvantage of being too broad, so it is simple enough to get it to accept an invalid email address (like …@…com). But it’s broad enough that it reject an email that might actually be valid. Even with the strictest validation scripts, it’s probably possible to trick them into accepting an invalid address. And of course it doesn’t stop people putting in fake but valid addresses, so it’s not worth making this very strict anyway. If there are other characters you wish to reject, you can put them between the square brackets (but after the ^ in the brackets). At the moment, it only rejects spaces and “@” before the “@” and between the “@” and the last dot.

if(junkjunk=val.match(/(\\w+[\\w|\\.|-]*\\w+)(@[\\w|\\.|-]*\\w+\\.\\w{2,4})/)) {

Dogfang, what does your tweak do in this case?


Just a slight simplification of the validation.
As [COLOR=#FF6600][B]Raffles[/B][/COLOR] points out, there is very little advantage in strictly validating email addresses with JavaScript. If a user makes a typo you probably won’t catch the error and spammers will have JavaScript disabled.
Server-side validation is where the work is done.


So do I replace this existing line of code:

if(junkjunk=val.match(/(\w+[\w|\.|-]\w+)(@\w+[\w|\.|-]\w+\.\w{2,4})/)) {

With this one?

if (/[1]+@[^ @]+\.[a-zA-Z]{2,6}$/.test(email_string))

The reason I still need to have some sort of validation in this script is because it checks other things, like making sure they provided a city, state, etc. So please let me know.


  1. ^ @ ↩︎

Yes, that’s right. That test should work. But of course you should test it and see. If I were you I would get rid of those MM_ scripts (and ditch dreamweaver altogether).