Any alternative to regex email validation? [duplicate] - javascript

This question already has answers here:
How can I validate an email address in JavaScript?
(79 answers)
Closed 7 years ago.
I have managed to write a regex which validates an email.
'/[a-zA-Z0-9]+[a-zA-Z0-9_-]+(#{1})[a-zA-Z]+(\.)(com){1}/'
I am finding it pretty difficult to frame complete regex for email validation.
The thing is, I think it would be better for me if there is an alternative to regex.
Can this validation be done efficiently using if/else statements (or other conditional statements)?
Is there a fool-proof alternative to regex?

Is there a best and fool-proof alternative to regex?
Pseudocode:
if (strpos($text, '#') === FALSE)
print("not an email for sure")
else
sendConfirmationEmailToVerifyItExists()
The best way to validate an email address is to send an email to it. Anything else will cause you to reject valid email addresses, because the rules are so complex.

HTML5 has the input type email:
<input type="email" ...>
This is supported in all browsers except safari.
With PHP, you can validate an email with:
$email = 'myEmail#gmail.com';
if (filter_var($email, FILTER_VALIDATE_EMAIL))
{
echo 'Email is considered to be valid';
}
PHP Validation
Here is more about JavaScript email validation with a regex.
Notes:
Thinking about how should the regex look like for an email validation is not so easy. Other smart guys have spent their time with it. Just copy and paste the regex from a serious source (with permission), link to it, and you are done.

In short, no, there is no better way to play with strings other than regular expressions unless you are using a library/package that provides out of the box functions to use. Their utility/importance is simply reflected by the fact that they are available in all languages in one capacity or the other.
Here is the long answer.
Your question implies that your problem is not limited to validating an email address but rather validating strings using regular expressions.
First off, for an alternative, you can surely break a string up and treat it any way you like. All modern languages have a comprehensive list of string functions that you can use. However, you should also know that it will not be worth the effort and will make your code look messy.
Ultimately, you will wonder is there an easier and better way to do this to which the answer will be regular expressions.
As for them being hard to learn, I have met software professionals who have 10+ years industry experience but still use Google for their regular expression needs so you are not alone in that regard.
The only way to get better at them is to keep learning and practicing but isn't that the case with every skill?

In PHP, I use this function:
function validate_email($email)
{
return filter_var($email, FILTER_VALIDATE_EMAIL) === false ? false : true;
}

Related

Simple email regex, make sure user includes dot domain?

I don't mess around with Regex too much but have been able to get this one online. /.+#.+/. This will return true with both joe#joe and joe#joe.com. I want to make it so a user must supply a domain extension otherwise I want it to fail, I presume this is quite simple but I just can't figure it out. I've tried /.+#.+.\S/ but that didn't work. Any help would be great, thanks!
This will be used in both PHP and javascript. The current one works in both, the new will need to also.
Here is expression
/\w+#\w+\.\w{2,10}/
to allow more characters:
/[\w\-\._]+#[\w\-\._]+\.\w{2,10}/
The regex here works for me (from http://www.regextester.com/19 )
/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+#[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/i
As does this example of regex inside JavaScript from plnkr here: http://embed.plnkr.co/ZlbA1I2TsDBUmDb9o0gj/
Given that I don't know what the rest of your code is and you might really need this for both PHP and JavaScript I will suggest a different approach as I don't agree with the solution given in the accepted answer because it will match email addresses like -#-.aa, .#.-.aa, .#_.aa etc.
I'd suggest you use PHP's filter_var with the FILTER_VALIDATE_EMAIL filter which
validates e-mail addresses against the syntax in RFC 822, with the exceptions that comments and whitespace folding and dotless domain names are not supported.
and probably an additional AJAX call from JavaScript .
Regular Expressions matching all valid email address are not trivial at all and I'm not even sure you can rely on them for matching ALL valid email addresses.
For more information please take a look at Validate email address in JavaScript? and Using a regular expression to validate an email address
.+\#.+\.{1}.+
This is a simple regex and will match the required criteria
For a simple regex that will accept any domain extension of one character or longer, try: /.+#.+\..+/
For a 2 character domain extension or longer, try: /.+#.+\..{2,}/

Same regex for client-side and server-side validation

I am trying to find out whether my client-side Javascript regex
/^(([^<>()[\]\\.,;:\s#\"]+(\.[^<>()[\]\\.,;:\s#\"]+)*)|(\".+\"))#((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
for email validation (I'm using it just to make sure that the email is formatted properly, not as a primary validation method) will work on the server side with PHP.
I am not sure whether I can use the same one even though both languages use Perl-based regex syntax. Thank you for your help.
You should be able to use the same syntax.
You should use
preg_match(String $pattern, String $email[, array $matches])
with your pattern. It puts all occurrences into the array $matches, if given.
It returns true if a match is found. For E-Mails in particular it's always a
better idea to use the functions of others, because for example "$#us" is a valid
email address
This regex will work nearly identically in both JavaScript and PHP. There are some minuscule differences, for example \s matches the "next line" control character U+0085 in PHP, but not in JavaScript, but they are unlikely to matter in this context (it's unusual anyway to allow newlines and tabs in email addresses - why not use a simple space instead of the generic whitespace shorthand \s).
If you have to do these kinds of comparisons/conversions regularly, I heartily recommend you taking a look at RegexBuddy which can convert regexes between flavors with a single click.

Javascript/image email obfuscation tactics

I'm trying to obfuscate the contact email address on my website. I'm wondering what the best way is to do that.
some javascript way (not sure what is the best one ... http://hivelogic.com/enkoder/ this one looks easy, but not sure if its strong or not).
having an image called like "90210.png" and it is an image of the email address.
If javascript, what are some good scripts to do this?
Thanks!
Ringo
Write a proper contact form system, so that you never give out your email address unless you choose to reply to a contact.
Alternatively, you can write it backwards, then use JavaScript to flip it around:
var email = "moc.elpmaxe#ydobemos";
document.write(email.split("").reverse().join(""));
Somebody did a study for 1.5 years to test which various methods of email obfuscation worked the most effectively -- Perishable Press created a writeup on it.
It seems like one of the best methods was to ROT-13 an email address then decrypt it using Javascript (of course, not everybody has Javascript enabled, so this isn't a perfect solution).
I'd recommend using a contact form if possible though -- that way, your website still remains accessible to people with Javascript disabled.
The safest approach would be to not publish an email address, and instead provide a contact form.
Next safest would be an image, as you said, or any presentation method that is not plain text.
If you're determined to present text, you just have to make sure it doesn't match a regular expression looking for email adresses. So you could break it up with spaces, replace "#" with "(at)" and/or "." with "(dot)", etc. Of course, those methods will not stop someone who wants to spam you specifically, but neither will any javascript trick.

Suggest a good pattern for validating email with javaScript? [duplicate]

This question already has answers here:
How can I validate an email address in JavaScript?
(79 answers)
Closed 2 years ago.
greetings all
i want to validate an email with javaScript
and i need to use the best pattern for the matching
please suggest me a good pattern
In order for you to avoid reinventing the wheel I recommend this quality article on regular-expressions.info.
This ^([0-9a-zA-Z]([-\.\+\_\w]*[0-9a-zA-Z])*#([0-9a-zA-Z][-\w]*[0-9a-zA-Z]\.)+[a-zA-Z]{2,9})$ should match most cases. I might get massively down-voted for not including every single edge case (email addresses can have all kinds of crazy combinations) but I don't think I'm exaggerating in saying this will match 99.99% of email addresses.
This is the standard validation regular expression: http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html for RFC 822 ;)
You probably want something more simple (taken from http://www.regular-expressions.info/email.html): /^[A-Z0-9._%+-]+#[A-Z0-9.-]+\.[A-Z]{2,4}$/i for JavaScript
What you might want to be wary of, if I remember correctly, is the fact that some email servers don't conform to RFC822, so being very strict on the validation might exclude some 'valid' email addresses. Depending on the level of validation that you need, it may be possible to just check that the email address has the correct basic format - something like one or more words separated by periods, followed by an # symbol, followed by two or more words separated by periods.
Having said this, you may also want to consider why you are validating the email address in the first place.
If you simply want to make sure that the user didn't type it incorrectly, then ask for the email address and a confirmation of the email address, then compare the two to decide whether the address is valid or not. (This is the strategy used by quite a lot of websites)
If you want to know whether the email address is real or not, as part of a registration process, then the registration could be made into a two step process, with a confirmation email being sent to the address that the user supplies in the frist step, and that email contains a link to the second step of the process.
I may be making wild assumptions about your needs, but I may just trigger the appropriate thought processes.

Best practices for email address validation (including the + in gmail addresses)

I know there are a lot of questions on here about email validation and specific RegEx's. I'd like to know what the best practices are for validating emails with respect to having the username+anythingelse#gmail.com trick (details here). My current RegExp for JavaScript validation is as follows, but it doesn't support the extra + in the handle:
/^([a-zA-Z0-9_.-])+#(([a-zA-Z0-9-])+.)+([a-zA-Z0-9]{2,4})+$/
Are there any other services that support the extra +? Should I allow a + in the address or should I alter the RegEx to only allow it for an email with gmail.com or googlemail.com as the domain? If so, what would be the altered RegEx?
UPDATE:
Thanks to everyone for pointing out that + is valid per the spec. I didn't know that and now do for the future. For those of you saying that its bad to even use a RegEx to validate it, my reason is completely based on a creative design I'm building to. Our client's design places a green check or a red X next to the email address input on blur of it. That icon indicates whether or not its a valid email address so I must use some JS to validate it then.
+ is a valid character in an email address. It doesn't matter if the domain isn't gmail.com or googlemail.com
Regexes aren't actually a very good way of validating emails, but if you just want to modify your regex to handle the plus, change it to the following:
/^([a-zA-Z0-9_.-\+])+#(([a-zA-Z0-9-])+.)+([a-zA-Z0-9]{2,4})+$/
As an example of how this regex doesn't validate against the spec: The email ..#-.com is valid according to it.
If you need to validate emails via regexp, then read the standard or at least this article.
The standard suggests to use this regexp:
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")#(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
If that doesn't scare you, it should :)
I would tend to go with something along the lines of /.+#.+\..+/ to check for simple mistakes. Then I would send an email to the address to verify that it actually exists, since most typos will still result in syntactically valid email addresses.
The specs allow for some really crazy ugly email addresses. I'm often very annoyed by websites even complaining about perfectly normal, valid email addresses, so please, try not to reject valid email addresses. It's better to accept some illegal addresses than to reject legal ones.
Like others have suggested, I'd go with using a simple regexp like /.+#.+/ and then sending a verification email. If it's important enough to validate, it's important enough to verify, because a legal email address can still belong to someone other than your visitor. Or contain an unintended but fatal typo.
*Edit: removed the dot from the domain part of the regex, because a#to is still a valid email address. So even my super simplified validation rejected valid addresses. Is there any downside at all to just accepting everything that contains an # with something in front and behind it?
A very good article about this subject I Knew How To Validate An Email Address Until I Read The RFC

Categories