Check if a string is an email address in PHP

Question

I am trying to do an SQL query, but I need to check somehow if the value is an email address. I need a way to check if $user is an email address, because I have user values such as this in my table.

test
test2
test@example.com
test2@example.com
test392
test@example.net

and so on...

I need to make it so $useremail checks $user to find if it's an email address. So I can UPDATE the values, WHERE user=test OR user=test@example.com, etc.

$user = strtolower($olduser);
$useremail = "";

mysql_query("UPDATE _$setprofile SET user=$sn, fc=$fc WHERE user='$user' OR user='$useremail");

Answer 1

This is not a great method and doesn't check if the email exists but it checks if it looks like an email with the @ and domain extension.

function checkEmail($email) {
   $find1 = strpos($email, '@');
   $find2 = strpos($email, '.');
   return ($find1 !== false && $find2 !== false && $find2 > $find1);
}

$email = 'name@email.com';
if ( checkEmail($email) ) {
   echo $email . ' looks like a valid email address.';
}

Answer 2

Without regular expressions:

<?php
    if(filter_var("some@address.com", FILTER_VALIDATE_EMAIL)) {
        // valid address
    }
    else {
        // invalid address
    }
?>

Answer 3

The simplest approach is to use a regular expression to check email addresses, although there's some disagreement about how accurate this can be. This process is discussed in detail here:

Using a regular expression to validate an email address

You can use REGEXP in MySQL to select from the database based on your regular expression:

http://dev.mysql.com/doc/refman/5.1/en/regexp.html

Answer 4

if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
    echo 'This is a valid email address.';
    echo filter_var($email, FILTER_VALIDATE_EMAIL);
    //exit("E-mail is not valid");
}
else
{
    echo 'Invalid email address.';
} 

Answer 5

You can use regular expressions to validate your input string to see if it matches an email address:

<?php 
$email = "someone@example.com"; 
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { 
  echo "Valid email address."; 
} 
else { 
  echo "Invalid email address."; 
} 
?>

From: http://www.totallyphp.co.uk/code/validate_an_email_address_using_regular_expressions.htm

EDIT: for more accurate expressions, please refer to Travis answer on this question

Answer 6

This function is_email() will give you an definite answer to whether the string is a valid email address or not. As far as I know, no other solution will do this with the same level of authority.

If I understand the example correctly, you would use it like this

$user = strtolower($olduser);
$useremail = (is_email($user)) ? $user : '';

The PHP built-in function is incomplete. I'm the principle author of is_email() so I'm blowing my own trumpet here, but I've put a lot of work into this in order that nobody else should have to ever again.

Answer 7

I've been using this function for many years across hundreds of sites. It's probably not perfect, but i've never had a complaint of false negatives (or positives):

function validate_email($email) {
    return (preg_match("/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/", $email) || !preg_match("/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/", $email)) ? false : true;
}

Answer 8

Apart from all regex suggestions which mostly doesn't support all of the available TLD's (including for example .info and .museum) and the upcoming ICANN decision to allow Chinese and Arabic in URL's (which would let [a-z] and \w fail) for which the following more generic regex is sufficient

([^.@]+)(\.[^.@]+)*@([^.@]+\.)+([^.@]+)

I would also mention that doing a WHERE user=test OR user=test@example.com is too error prone. Better use an autogenerated PK in the table and use it in the WHERE clause.

I don't really see the value of strict, long and unreadable mailregexes conforming the RFCxxxx specs. Best way is still to send a mail with a link with an activation key to the end user to let it confirm the mail address. Inform that in the form as well. If necessary let the user type the email address twice like you do for passwords.

Answer 9

$user_email = "email@string.com";

function isEmail($user) {
     if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
          return true
     } else {
          return false
     }
}

if (isEmail($user_email)) {
     // email is valid, run the query
     mysql_query("UPDATE _$setprofile SET user=$sn, fc=$fc WHERE user='$user' OR user='$user_email");
}

Answer 10

Since everybody is posting their regular expression, here's mine: ^((([\w+-]+)(.[\w+-]+)*)|(\"[^(\|\")]{0,62}\"))@(([a-zA-Z0-9-]+.)+([a-zA-Z0-9]{2,})|[?([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})(.([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})){3}]?)$

To the best of my knowledge, it supports everything in the RFC specification, including a lot of things that most people don't usually include.

Answer 11

$user_email = "email@gmailcom";

function isEmail($email) {
     if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
          return true;
     } else {
          return false;
     }
}

if (isEmail($user_email)) {
     // email is ok!
} else {
     // email not ok
}