views:

223

answers:

5

I was looking at email validation. I read in RFC specs that consecutive . (dot) are not allowed, like, [email protected].

But are different wild characters allowed to occur consecutively? Like, [email protected].

And if so, how do I make a regular expression which will take only single occurance of wild characters as long as they are different? It shouldn't accept the ones like, .. && $$, but accept the ones like, &$ .$ &.

And since there's a big list of wild characters allowed, I don't think a regex like \^(&&|$$|..)\ etc, is not an option.

+5  A: 

There are a few RFC compliant email validation regexes. They are not pretty, in fact they are pretty awful, spanning hundreds of characters. You really don't want to create one, either use it or write regular code you can understand and maintain.

This is one of the RFC compliant regexes

(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])

Check this link for expanded information and alternative (more practical) regexes http://www.regular-expressions.info/email.html

Vinko Vrsalovic
Thanks. This is a big help. I guess email validation follows the adage, "You can't satisy everybody". :)
rishi
+1  A: 

Different characters like $ are allowed to occur multiple times in a row, yes. [email protected] is a completely valid email address.

Amber
Not many services allow you to have a mail with $$.
JG
That's a factor specific to the individual service, it has nothing to do with whether the spec allows it or not in a general sense.
Amber
A: 

I suppose it depends on what you're doing with this email validation, but I've done this for years in online ASP.NET regex validators for form entry purposes.

For a few months I thought I had what was a pretty cool regular expression to take care of this. I found it online and it seemed to be a popular one. However, on several occasions I'd get a call from a customer trying to fill out the application where the form validation didn't like their email address. And who knows how many people had the same problem but didn't call.

I learned the lesson the hard way that it's better to err on the side of greediness than to try to be too strict. In other words, since there are soooooo many rules in defining what makes an email address valid (and invalid), I simply define a loose open-ended regex to cover all of my bases. It may match some invalid email addresses as well, but for my purposes that's not as big of a deal. Besides, quite honestly -- most of the time if the user is screwing up their email address it's going to be a misspelling which regex isn't going to catch anyways.

So here's what I use now:

^[^<>\s\@]+(\@[\w\-]+(\.[\w\-]+)+)$

And here's a working example to test this:

http://regexhero.net/tester/?id=b90d359f-0dda-4b2a-a9b7-286fc513cf40

This doesn't address your primary concern as this will still match consecutive dots, dashes, etc. And I still can't claim this will match every valid email address because I honestly don't know. But I can say that I've been using it for the past 3 years with over 25,000 users and not a single complaint.

Steve Wortham
A: 

I would use a simple email validation regex plus another one that checks double chars like /[.&$]{2}/

w35l3y
A: 

See these answers:

stackoverflow.com/questions/997078/email-regular-expression

stackoverflow.com/questions/201323/what-is-the-best-regular-expression-for-validating-email-addresses

stackoverflow.com/questions/36261/test-expand-my-email-regex

Just remember, as stated before: the only way to tell if an email address is truly valid is to send email to it!

audiodude
Sending email seems like a very good idea, but it still has its own limitations. These are mentioned in this wiki page: http://en.wikipedia.org/wiki/Callback_verification.Guess there is not a single fool-proof plan.
rishi