0

I have the following code to check if user input is a valid email, there might be a few questions already about this but noone seems to validate the PHP function.

/* check if valid email*/
public function isValidEmail($email){
    if(filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return true;
    }
    return false;
}

If we do a test using this function:

isValidEmail('[email protected]')

This should return false because characters like ?= are inside the email address. Is there a stricter way to check email?

Improve this question
9
  • By "to write out nothing" - Do you mean it returns true with the test input? Commented Mar 1, 2016 at 13:34
  • You pass the variable to your function as $epost but then access it as $email - this won't check the passed variable. Commented Mar 1, 2016 at 13:37
  • Spelling error, question updated, Commented Mar 1, 2016 at 13:38
  • It returns true even tho i have ?= in email adress. Commented Mar 1, 2016 at 13:39
  • See this: stackoverflow.com/questions/19220158/… your test address seems in fact valid. Commented Mar 1, 2016 at 13:40

1 Answer 1

Reset to default
2

The problem here is that ? and = are perfectly valid for an email address. From Wikipedia on the RFC controlling email addresses

The local-part of the email address may use any of these ASCII characters:
These special characters: !#$%&'*+-/=?^_`{|}~ (ASCII: 33, 35–39, 42, 43, 45, 47, 61, 63, 94–96, 123–126)

If you're trying to make sure the email address actually exists, just be aware that that path is very difficult

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.