Search for embedded email and phone numbers

Question

I need to use a javascript form validation routine to scan various input text fields for embedded phone numbers and email addresses. This is for a classifieds system that is free to post but 'pay to connect' with buyers, so the intent is to prevent (as much as possible) the ability for users (those posting the ad) from simply embedding their phone and/or email contact information to bypass the system.

I've been googling for awhile now, and RegEx is not my strong suit, so I'm having a bit of a hard time finding a good snippet of code to help. All I want to do is get a pass/fail for a text field (pass if it does not appear to have embedded email and/or phone numbers, and fail if it does)

Does anyone already have a good javascript solution for this?

Answer 1

Try this:

var text = textArea.value;
if (text.search(/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,6}$/))
 ...;//Contains email
if (text.search(/^[+]?(?!0{5})(\d{5})(?!-?0{4})(-?\d{4})?$/))
 ...;//Contains phone

Answer 2

You'll be able to get some, but don't expect to get most (especially if people are aware of the requirement, or get more than one chance to fill the form).

People are already really good at circumventing bot detection of email addresses by doing things like "myaddresses at hotmail dot com", and there are a million variations of this. Also, Phone numbers vary by region.

Answer 3

You don't say what server side technology you're using, but it might be preferable to do this type of processing on the server. I always favor server side in my own work (ASP.NET), because the flexibility and power of an object oriented server side framework will trump that of JavaScript just about every time. This case is no exception, as it appears that JavaScript regular expression support is lacking several key features.

Regardless of whether you choose to go server side or client side, I've found that writing RegEx code is much simplified when using a tool such as Espresso. If you're running on a Mac, consider Reggy. These tools usually come with several "stock" RegEx expressions for various common queries (i.e. phone numbers, email etc) that usually work with minimal modification.

Answer 4

Thanks to all for the input. Here is the version I ended up with, hope it helps someone else. Note: I removed the actual 'bad' words for this posting so that it would pass this site's filters. You can replace 'badword1', 'badword2', etc. with actual 'bad' words (you know, like nukular, calender, ekcetera):

=[snip]=========================================================

function isAllowed(varField) {

  var msg = '';
  var pass = true;

  var regex0=/\b(@|www|WWW|http|hotmail|gmail|badword1|badword2|badword3)\b/i;
  if (regex0.test(varField))
     {
     msg += "Text appears to have disallowed words (e.g. profanity, email, web address, @ symbol, etc.)\n";
     pass = false;
     }

  var regex1=/\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b/i;
  if (regex1.test(varField))
    {
    msg += "Text appears to have email address in it (not allowed\n";
    pass = false;
    }


  var regex2=/\b\(?\d{3}\)?[-\s.]?\d{3}[-\s.]\d{4}\b/i;
  if (regex2.test(varField))
    {
    msg += "Text appears to have a phone number in it (not allowed)\n";
    pass = false;
    }

  if (msg!='')
    {
    alert(msg);
    }
 return pass;

}

=[snip]=========================================================