Check if a string is an email address in PHP

Question

I am trying to do an SQL query, but I need to check somehow if the value is an email address. I need a way to check if $user is an email address, because I have user values such as this in my table.

test
test2
[email protected]
[email protected]
test392
[email protected]

and so on...

I need to make it so $useremail checks $user to find if it's an email address. So I can UPDATE the values, WHERE user=test OR [email protected], etc.

$user = strtolower($olduser);
$useremail = "";

mysql_query("UPDATE _$setprofile SET user=$sn, fc=$fc WHERE user='$user' OR user='$useremail");

Answer 1

Correct Email validation according to RFC 5322 is quite complex.

Check this out, it should help you build something up

Answer 2

The simplest approach is to use a regular expression to check email addresses, although there's some disagreement about how accurate this can be. This process is discussed in detail here:

http://stackoverflow.com/questions/201323/what-is-the-best-regular-expression-for-validating-email-addresses

You can use REGEXP in MySQL to select from the database based on your regular expression:

http://dev.mysql.com/doc/refman/5.1/en/regexp.html

Answer 3

You can use regular expressions to validate your input string to see if it matches an email address:

<?php 
$email = "[email protected]"; 
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { 
  echo "Valid email address."; 
} 
else { 
  echo "Invalid email address."; 
} 
?>

From: http://www.totallyphp.co.uk/code/validate%5Fan%5Femail%5Faddress%5Fusing%5Fregular%5Fexpressions.htm

EDIT: for more accurate expressions, please refer to Travis answer on this question

Answer 4

Without regular expressions:

<?php
    if(filter_var("[email protected]", FILTER_VALIDATE_EMAIL)) {
        // valid address
    }
    else {
        // invalid address
    }
?>

Answer 5

$user_email = "[email protected]";

function isEmail($user) {
     if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
          return true
     } else {
          return false
     }
}

if (isEmail($user_email)) {
     // email is valid, run the query
     mysql_query("UPDATE _$setprofile SET user=$sn, fc=$fc WHERE user='$user' OR user='$user_email");
}

Answer 6

I've been using this function for many years across hundreds of sites. It's probably not perfect, but i've never had a complaint of false negatives (or positives):

function validate_email($email) {
    return (preg_match("/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/", $email) || !preg_match("/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/", $email)) ? false : true;
}

Answer 7

Apart from all regex suggestions which mostly doesn't support all of the available TLD's (including for example .info and .museum) and the upcoming ICANN decision to allow Chinese and Arabic in URL's (which would let [a-z] and \w fail) for which the following more generic regex is sufficient

([^.@]+)(\.[^.@]+)*@([^.@]+\.)+([^.@]+)

I would also mention that doing a WHERE user=test OR [email protected] is too error prone. Better use an autogenerated PK in the table and use it in the WHERE clause.

I don't really see the value of strict, long and unreadable mailregexes conforming the RFCxxxx specs. Best way is still to send a mail with a link with an activation key to the end user to let it confirm the mail address. Inform that in the form as well. If necessary let the user type the email address twice like you do for passwords.

Answer 8

Since everybody is posting their regular expression, here's mine: ^((([\w+-]+)(.[\w+-]+)*)|(\"[^(\|\")]{0,62}\"))@(([a-zA-Z0-9-]+.)+([a-zA-Z0-9]{2,})|[?([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})(.([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})){3}]?)$

To the best of my knowledge, it supports everything in the RFC specification, including a lot of things that most people don't usually include.

Answer 9

This function is_email() will give you an definite answer to whether the string is a valid email address or not. As far as I know, no other solution will do this with the same level of authority.

It's free: http://j.mp/isemail

If I understand the example correctly, you would use it like this

$user = strtolower($olduser);
$useremail = (is_email($user)) ? $user : '';

The PHP built-in function is incomplete. I'm the principle author of is_email() so I'm blowing my own trumpet here, but I've put a lot of work into this in order that nobody else should have to ever again.