Edit report at http://bugs.php.net/bug.php?id=49576&edit=1
ID: 49576
Comment by: grangeway at hotmail dot com
Reported by: mparkin at de-facto dot com
Summary: Filter var for validating email is not validating
emails correctly
Status: Re-Opened
Type: Feature/Change Request
Package: *General Issues
Operating System: *
PHP Version: 5.*, 6
Assigned To: rasmus
Block user comment: N
New Comment:
Additionally:
1) at the moment, I believe the current regex does not allow f...@com as
an
email address. Albeit, it's going back almost 10 years now - I'm pretty
sure I
received an email from someone @tld, complaining that a regex did not
allow
their valid email address to sign up.
2) The issue the user hit is the phpmailer class contains the following
code to
validate email addresses against FILTER_VALIDATE_EMAIL regardless of
whether
SMTP or mail() is the sending method.
550 public static function ValidateAddress($address) {
551 if (function_exists('filter_var')) { //Introduced in PHP 5.2
...
else
regex
Previous Comments:
------------------------------------------------------------------------
[2010-08-14 20:48:24] [email protected]
Re-opened, the last comment seems quite valid to me, don't you think so
Rasmus?
------------------------------------------------------------------------
[2010-08-05 16:41:58] alexsander dot rosa at gmail dot com
The format "usern...@box" for local networks IS allowed when the mail()
method is used. I quote RFC 5321: "local aliases MUST NOT appear in any
SMTP transaction." They say NOTHING about mail() method in the RFC.
------------------------------------------------------------------------
[2010-04-02 19:57:45] [email protected]
A much better RFC-compliant regex has been committed now.
------------------------------------------------------------------------
[2010-04-02 19:56:39] [email protected]
Automatic comment from SVN on behalf of rasmus
Revision: http://svn.php.net/viewvc/?view=revision&revision=297350
Log: Update the FILTER_VALIDATE_EMAIL filter to fix bug #49576
------------------------------------------------------------------------
[2010-04-02 07:40:29] [email protected]
Finally having a look at this. Some of your cases are actually
incorrect
according to RFC3696/RFC5322
For example. [email protected] is not a valid email address
according
to the RFC. IPs in an email address must be in square brackets. So it
should
be ipinsteadofdom...@[127.0.0.1] for that one to be valid. This is
valid under
both RFC822 and RFC2822, but RFC3696 and RFC5322 updates those RFCs.
And you
can't have a port in it, so [email protected]:25 is invalid as well,
even if
you added the square brackets. Also we do not validate domains, so your
2
examples of invalid TLDs are not relevant.
I'll have an update of the baked in regex soon, but it sounds like you
need to
update the Kohana one as well.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=49576
--
Edit this bug report at http://bugs.php.net/bug.php?id=49576&edit=1
