I need to validate the email address of my users. Unfortunately, making a validator that comforms to standards is hard
Here is an example of a regex expression that tries to comform to standard
Are there any PHP library (preferably, open-source) that validates email address?
I found a library in google code: http://code.google.com/p/php-email-address-validation/
Are there any others?
Have you looked at PHP's filter_ functions? They're not perfect, but they do a fairly decent job in my experience.
Example usage (returns boolean):
filter_var($someEmail, FILTER_VALIDATE_EMAIL);
AFAIK, the only good way to validate an e-mail is to to send an e-mail and see if user goes back to the site using a link in this e-mail. That's what lot of sites do.
As you point out with the link to the well known mammoth regex, validating all forms of e-mail address is hard, near to impossible. It is so easy to do it wrong, even for trivial style e-mails (I found too many sites rejecting caps in e-mail addresses! And most old regexes reject TLDs of more than 4 letters!).
AFAIK, "Jean-Luc B. O'Grady"@example.com and e=m.c^2@[82.128.45.117] are both valid addresses... While [email protected] is likely to be invalid.
So somehow, I would just check that we have something, a unique @, something else, and go with it: it would catch most user errors (like empty field or user name instead of e-mail address).
If user wants to give a fake address, it would just give something random looking correct ([email protected] or [email protected]). And no validator will catch typos ([email protected] instead of [email protected]).
If one really want to validate e-mails against full RFC, I would advise to use regexes to split around @, then check separately local name and domain name. Separate case of local name starting with " from other cases, etc. Separate case of domain name starting with [ from other cases, etc. Split problem in smaller specific domains, and use regexes only on a well defined, simpler cases.
This advice can be applied to lot of regex uses, of course...
Zend_Validate includes an email validator.
There are plenty of regular expressions around for validating - everything from very basic to very advanced. You really should pick something that matches the importance of a valid email in your application.
i'd recommend to look at the source code of Zend_Validate_EmailAddress [source].
once you have your dependencies fixed you can simply do the following:
$mail_validator = new Zend_Validate_EmailAddress();
$mail_validator->isValid($address); // returns true or false
best would be to get the full Zend Library into your project via svn external and point the include path to it...
but you can just download the necessary files (1,2,3,4,5,6), and include them all (remove the require_once calls)
Cal Henderson (of Flickr) wrote an RFC822 compliant email address matcher, with an explanation of the RFC and code utilizing the RFC to match email addresses. I've been using it for quite some time now with no complaints.
RFC822 (published in 1982) defines, amongst other things, the format for internet text message (email) addresses. You can find the RFC's by googling - there's many many copies of them online. They're a little terse and weirdly formatted, but with a little effort we can seewhat they're getting at.
... Update ...
As Porges pointed out in the comments, the library on the link is outdated, but that page has a link to an updated version.
I've now collated test cases from Cal Henderson, Dave Child, Phil Haack, Doug Lovell and RFC 3696. 158 test addresses in all.
I ran all these tests against all the validators I could find. The comparison is here: http://www.dominicsayers.com/isemail
I'll try to keep this page up-to-date as people enhance their validators. Thanks to Cal, Dave and Phil for their help and co-operation in compiling these tests and constructive criticism of my own validator.
People should be aware of the errata against RFC 3696 in particular. Three of the canonical examples are in fact invalid addresses. And the maximum length of an address is 254 or 256 characters, not 320.