I am struggling with one issue where I need to verify domain part should not all be numeric.
For example:
abc#123.com -> Invalid
abc#1abc.com -> valid
Regex:
^(?=(.{1,64}#.{1,255}))((?!.*?[._]{2})[!#$%&'*+\-\/=?\^_`{|}~a-zA-Z0-9}]{1,64}(\.[!#$%&'*+\-\/=?\^_`{|}~a-zA-Z0-9]{0,}(?<!\.)){0,})#((\[(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}\])|((?!-)(?=.*[a-zA-Z])[a-zA-Z0-9-]{1,63}(?<!-)(\.(?!-)[a-zA-Z0-9-]{1,63}(?<!-)){1,}))$
Above regex need modification because there are some other validation which is working fine with above regex. Only thing is pending to validate domain part should not all numeric.
Updated:
After some research on above regex
I am able to segregate emails in to different groups. Now for group 10 need to add validation if all characters in group 10 string are aplha numeric.
Regex:
^(?=(.{1,64}#.{1,255}))((?!.*?[._]{2})[!#$%&'*+\-\/=?\^_`{|}~a-zA-Z0-9}]{1,64}(\.[!#$%&'*+\-\/=?\^_`{|}~a-zA-Z0-9]{0,}(?<!\.)){0,})#((\[(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}\])|((?!-)(?=.*[a-zA-Z])((?:.*[a-zA-Z0-9]))[a-zA-Z0-9-]{0,63}(?<!-)(\.(?!-)[a-zA-Z0-9-]{1,63}(?<!-)){1,}))$
Explore regex on : https://regex101.com/
TIA
There's no point in doing this - the fact that an email fulfills the requirements as set forth in RFC5322 does not mean it's a valid email address: The only way to know that, is to send an email to it, and have the user reply to it, follow a link inside it, or copy a code/token inside it.
Given that you have to do that anyway, that will also pick up any issues with invalid email addresses. Thus, the correct validation for email is:
Pattern.compile("^.+#.+\\..+$")
(Assuming you don't want single
and this does what you want, which is, filter out obvious incorrect entries, and that's all you need.
If you insist in continuing your mistake, there's always emailregex.com, which has the regex and explains how it works.
NB: Note that you're just wrong. 12345#678.cde can easily be valid - com may not allow you to register a domain that consists solely of digits, but it's not an inherent limitation of the DNS system: Domain parts can be all numbers. The top level domain cannot be, at least, for now, but any other part of it can be. Thus, rejecting foo#123.com is only possible if you program in, on a per-TLD basis, the exact rules. Which also means you need to sign up to the mailing list of every TLD operator to check for any changes they make. You'll be updating that regex every other week. Told you it's a silly thing to want to do!
u can use this to detect the invalid ones.
^\w+([-+.']\w+)*+#\d+.com
just change the .com to which postfix you like.
Related
I want it to be correct my JavaScript regex pattern to validate below email address scenarios
msekhar#yahoo.com
msekhar#cs.aau.edu
ms.sekhar#yahoo.com
ms_sekhar#yahoo.com
msekhar#cs2.aau.edu
msekhar#autobots.ai
msekhar#interior.homeland1.myanmar.mm
msekhar1922#yahoo.com
msekhar#21#autobots.com
\u001\u002#autobots.com
I have tried the following regex pattern but it's not validating all the above scenarios
/^[_a-z0-9]+(\.[_a-z0-9]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/
Could any one please help me with this where am doing wrong?
The following regex should do:
^(([^<>()\[\]\.,;:\s#\"]+(\.[^<>()\[\]\.,;:\s#\"]+)*)|(\".+\"))#(([^<>()[\]\.,;:\s#\"]+\.)+[^<>()[\]\.,;:\s#\"]{2,})$
Test it: https://regex101.com/r/7gH0BR/2
EDIT: I have added all your test cases
I have always used this one but note it doesn't trigger on escaped unicode:
^([\w\d._\-#])+#([\w\d._\-#]+[.][\w\d._\-#]+)+$
You can see how it works here: https://regex101.com/r/caa7b2/4
First off [_a-z0-9]+ is going to match the username fields for the majority of those testcases. Anything further testing of username field content will result in a mismatch. If you write a pattern that expects two .-delimitered fields, it'll match when you provide two .-delimitered fields and only then, not anything else. Make a mental note of that. I think you probably meant to put the . in the first character set, and omit this part here: (.[_a-z0-9]+)...
As for the domain part of the email address, similar story there... if you're trying to match domains containing two labels (yahoo and com) against a pattern that expects three... it's going to fail because there's one less label, right? There are domain names that only contain one label which you might want to recognise as email addresses, too, like localhost...
You know, there is a point to where you can dig yourself down a very deep rabbit hole trying to parse email addresses, much to the effect of this question and answer sequence. If you're making this complex using regular expressions... I think maybe a better tool is a proper parser generator... otherwise, write the following:
A pattern that matches anything up until an # character
A pattern that matches the # character (this will help you learn how to avoid your .-related error)
A pattern that matches everything (this will help you understand your .-related error)
Combine the three above in the order presented.
I have been using this regexp to verify specific password requirements are met:
$scope.userObj.user_password.match(/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!##\$%\^&\*])(?=.{8,})/)
Its been working fine...but I just encountered not one, but two users in the same day who tried to set passwords with period (.) in them. Never occurred to me that users would do that...funny thing about users is they always find ways to do things you never thought of. Anyway, I also thought the period was defined as a normal character and not as a special character...so why isn't the above validating as a good password if a period is used?
Second, obviously the above isn't working so to make it work I need to modify the special symbols part to (I think) the following:
(?=.*[!##\$%\^&\*\.\,\(\)\-\+\=])
In my DB, I encrypt the password with PHP SHA512 and then save that into a standard mysql schar(128) column.
A: Will this suffice for my regexp to properly include periods? The
use of periods also makes me wonder if I need to include other
standard keyboard symbols like , ( ) - + = etc. (also included in the new regexp).
B: And then, how far down the rabbit hole do you go - is ~ and ` and
[, ], {, }, \, | characters that should be considered too? Is there a
better way of defining them all without having to list them
individually?
C: Considering how I store the password and allowing all these extra
special characters...are there any specific issues or security
problems I need to be aware of...or things I should avoid?
Answer to A: If you test your very first regex (https://www.phpliveregex.com/) you will see that it already accepts periods, because you are including .* after every positive lookahead (?=).
Your regex is efficient to ensure that your input have AT LEAST one lower case AND one upper case AND one special character AND a minimum of eight characters, but it also accepts everything else.
In other words, your regex is a good 'white list', but you have no 'black list'. You should consider making another test to accept just the characters you want
Like: inputValue.replace(/[^a-zA-Z0-9\!\.\#\$\^]/, "");
Answer to B: About what characters you will accept on a password... there is no rule. You are the admin and you can accept whatever you want since you sanitize/escape properly your inputs before parsing and embedding.
If you have a big list of special characters, you will finish with big regexes. But you don't need a big list, it can be as simple as ! . # $ ^
Answer to C: Security issues with user inputs happens when you execute SQL commands or PHP echo, print with a user input without sanitizing/proper escape.
Here is a really good answer about the subject https://stackoverflow.com/a/130323/10677269
Finally, you should consider the comments above. SHA512 is not encryption (it's a digest algorithm) and should not be used to store password in your database unless you 'salt' them (even then, encryption is a better option).
I don't mess around with Regex too much but have been able to get this one online. /.+#.+/. This will return true with both joe#joe and joe#joe.com. I want to make it so a user must supply a domain extension otherwise I want it to fail, I presume this is quite simple but I just can't figure it out. I've tried /.+#.+.\S/ but that didn't work. Any help would be great, thanks!
This will be used in both PHP and javascript. The current one works in both, the new will need to also.
Here is expression
/\w+#\w+\.\w{2,10}/
to allow more characters:
/[\w\-\._]+#[\w\-\._]+\.\w{2,10}/
The regex here works for me (from http://www.regextester.com/19 )
/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+#[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/i
As does this example of regex inside JavaScript from plnkr here: http://embed.plnkr.co/ZlbA1I2TsDBUmDb9o0gj/
Given that I don't know what the rest of your code is and you might really need this for both PHP and JavaScript I will suggest a different approach as I don't agree with the solution given in the accepted answer because it will match email addresses like -#-.aa, .#.-.aa, .#_.aa etc.
I'd suggest you use PHP's filter_var with the FILTER_VALIDATE_EMAIL filter which
validates e-mail addresses against the syntax in RFC 822, with the exceptions that comments and whitespace folding and dotless domain names are not supported.
and probably an additional AJAX call from JavaScript .
Regular Expressions matching all valid email address are not trivial at all and I'm not even sure you can rely on them for matching ALL valid email addresses.
For more information please take a look at Validate email address in JavaScript? and Using a regular expression to validate an email address
.+\#.+\.{1}.+
This is a simple regex and will match the required criteria
For a simple regex that will accept any domain extension of one character or longer, try: /.+#.+\..+/
For a 2 character domain extension or longer, try: /.+#.+\..{2,}/
I have two regex's that I am trying to combine. One is email specific and the other checks certain special characters. I have arrived at this solution following much toying:
"^([-0-9a-zA-Z.+_]+#[-0-9a-zA-Z.+_]+\.[a-zA-Z]{2,4}|[\\w\\-ÀÈÌÒÙàèìòùÁÉÍÓÚÝáéíóúýÂÊÎÔÛâêîôûÃÑÕãñõÄËÏÖÜŸäëïöüŸçÇŒœßØøÅåÆæÞþÐð _]){0,80}$"
It does seem to check what I need it to, but for instance the following is still returned valid: abc#foo it does not force a full email address.
Am I using the correct approach or is there a simpler way to structure this RegEx? I'm on a learning curve with regex so all advice appreciated.
Move the multiplier {0,80} inside the parenthesis:
"^([-0-9a-zA-Z.+_]+#[-0-9a-zA-Z.+_]+\.[a-zA-Z]{2,4}|[\\w\\-ÀÈÌÒÙàèìòùÁÉÍÓÚÝáéíóúýÂÊÎÔÛâêîôûÃÑÕãñõÄËÏÖÜŸäëïöüŸçÇŒœßØøÅåÆæÞþÐð _]{0,80})$"
// here __^^^^^^^
Also [a-zA-Z]{2,4} is really poor to validate TLDs, have a look at IANA.
And me#localhost is a valid email address.
This question already has answers here:
How can I validate an email address in JavaScript?
(79 answers)
Closed 2 years ago.
greetings all
i want to validate an email with javaScript
and i need to use the best pattern for the matching
please suggest me a good pattern
In order for you to avoid reinventing the wheel I recommend this quality article on regular-expressions.info.
This ^([0-9a-zA-Z]([-\.\+\_\w]*[0-9a-zA-Z])*#([0-9a-zA-Z][-\w]*[0-9a-zA-Z]\.)+[a-zA-Z]{2,9})$ should match most cases. I might get massively down-voted for not including every single edge case (email addresses can have all kinds of crazy combinations) but I don't think I'm exaggerating in saying this will match 99.99% of email addresses.
This is the standard validation regular expression: http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html for RFC 822 ;)
You probably want something more simple (taken from http://www.regular-expressions.info/email.html): /^[A-Z0-9._%+-]+#[A-Z0-9.-]+\.[A-Z]{2,4}$/i for JavaScript
What you might want to be wary of, if I remember correctly, is the fact that some email servers don't conform to RFC822, so being very strict on the validation might exclude some 'valid' email addresses. Depending on the level of validation that you need, it may be possible to just check that the email address has the correct basic format - something like one or more words separated by periods, followed by an # symbol, followed by two or more words separated by periods.
Having said this, you may also want to consider why you are validating the email address in the first place.
If you simply want to make sure that the user didn't type it incorrectly, then ask for the email address and a confirmation of the email address, then compare the two to decide whether the address is valid or not. (This is the strategy used by quite a lot of websites)
If you want to know whether the email address is real or not, as part of a registration process, then the registration could be made into a two step process, with a confirmation email being sent to the address that the user supplies in the frist step, and that email contains a link to the second step of the process.
I may be making wild assumptions about your needs, but I may just trigger the appropriate thought processes.