PHP 的 filter_var FILTER_VALIDATE_EMAIL 真的有效吗?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3722831/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Does PHP's filter_var FILTER_VALIDATE_EMAIL actually work?
提问by willdanceforfun
After reading various posts I decided not to use REGEX to check if an email is valid and simply use PHP's inbuilt filter_var function. It seemed to work ok, until it started telling me an email was invalid because I had a number in it.
在阅读了各种帖子后,我决定不使用 REGEX 来检查电子邮件是否有效,而只是使用 PHP 的内置 filter_var 函数。它似乎工作正常,直到它开始告诉我一封电子邮件无效,因为我有一个号码。
ie [email protected] works, while [email protected] doesn't.
即 [email protected] 有效,而 [email protected] 无效。
Am I missing something or is the filter_var($email, FILTER_VALIDATE_EMAIL)really quite ineffective?
我错过了什么还是filter_var($email, FILTER_VALIDATE_EMAIL)真的很无效?
回答by Bill Karwin
The regular expression used in the PHP 5.3.3 filter code is based on Michael Rushton's blog about Email Address Validation. It does seem to work for the case you mention.
PHP 5.3.3 过滤器代码中使用的正则表达式基于 Michael Rushton 的关于电子邮件地址验证的博客。它似乎适用于您提到的案例。
You could also check out some of the options in Comparing E-mail Address Validating Regular Expressions(the regexp currently used in PHP is one of those tested).
您还可以查看比较电子邮件地址验证正则表达式中的一些选项(PHP 当前使用的正则表达式是经过测试的正则表达式之一)。
Then you could choose a regexp you like better, and use it in a call to preg_match().
然后你可以选择一个你更喜欢的正则表达式,并在调用preg_match().
Or else you could take the regexp and replace the one in file PHP/ext/filter/logical_filter.c, function php_filter_validate_email(), and rebuild PHP.
或者,您可以使用正则表达式并替换文件 PHP/ext/filter/logical_filter.c、function 中的正则表达式php_filter_validate_email(),然后重新构建 PHP。
回答by NullUserException
[email protected] seems to work fine: http://codepad.org/5HDgMW5i
[email protected] 似乎工作正常:http://codepad.org/5HDgMW5i
But I've definitely seen people complaining it's got problems, even on SO. In all likelihood, it does have problems, but so will a regex solution. The email address specifications are very, very complicated (RFC XXXX).
但我确实看到有人抱怨它有问题,即使是在 SO 上。很可能它确实有问题,但正则表达式解决方案也会有问题。电子邮件地址规范非常非常复杂(RFC XXXX)。
That's why the only solution to verify emails you should rely on is sending an email to the address and demand action (eg: if it's a registration script ask them to click on a verification link).
这就是为什么您应该依赖的验证电子邮件的唯一解决方案是向地址发送电子邮件并要求操作(例如:如果它是注册脚本,请他们单击验证链接)。
回答by ts.
that filter has been revamped recently. http://codepad.org/Lz5m2S2N- appears that in version used by codepad your case is filtered correctly
那个过滤器最近被改造了。 http://codepad.org/Lz5m2S2N- 似乎在键盘使用的版本中,您的情况已正确过滤
You can also look at http://bugs.php.net/49576and http://svn.php.net/viewvc/php/php-src/trunk/ext/filter/logical_filters.c. Regexp is quite scary.
您还可以查看 http://bugs.php.net/49576和http://svn.php.net/viewvc/php/php-src/trunk/ext/filter/logical_filters.c。正则表达式非常可怕。
回答by James
function isValidEmail($email, $checkDNS = false)
{
$valid = (
/* Preference for native version of function */
function_exists('filter_var') and filter_var($email, FILTER_VALIDATE_EMAIL)
) || (
/* The maximum length of an e-mail address is 320 octets, per RFC 2821. */
strlen($email) <= 320
/*
* The regex below is based on a regex by Michael Rushton.
* However, it is not identical. I changed it to only consider routeable
* addresses as valid. Michael's regex considers a@b a valid address
* which conflicts with section 2.3.5 of RFC 5321 which states that:
*
* Only resolvable, fully-qualified domain names (FQDNs) are permitted
* when domain names are used in SMTP. In other words, names that can
* be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed
* in Section 5) are permitted, as are CNAME RRs whose targets can be
* resolved, in turn, to MX or address RRs. Local nicknames or
* unqualified names MUST NOT be used.
*
* This regex does not handle comments and folding whitespace. While
* this is technically valid in an email address, these parts aren't
* actually part of the address itself.
*/
and preg_match_all(
'/^(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?))'.
'{255,})(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?))'.
'{65,}@)(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|'.
'(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22))'.
'(?:\.(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|'.
'(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|'.
'(?:\x5C[\x00-\x7F]))*\x22)))*@(?:(?:(?!.*[^.]{64,})'.
'(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)*\.){1,126})'.'{1,}'.
'(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+)*)|'.
'(?:\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|'.
'(?:(?!(?:.*[a-f0-9][:\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::'.
'(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|'.
'(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|'.
'(?:(?!(?:.*[a-f0-9]:){5,})'.'(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::'.
'(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|'.
'(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-5])|'.
'(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\]))$/iD',
$email)
);
if( $valid )
{
if( $checkDNS && ($domain = end(explode('@',$email, 2))) )
{
/*
Note:
Adding the dot enforces the root.
The dot is sometimes necessary if you are searching for a fully qualified domain
which has the same name as a host on your local domain.
Of course the dot does not alter results that were OK anyway.
*/
return checkdnsrr($domain . '.', 'MX');
}
return true;
}
return false;
}
//-----------------------------------------------------------------
var_dump(isValidEmail('[email protected]', true));
// bool(true)
