http://techrepublic.com.com/5138-3513-5951488.html
Validating user-supplied information like e-mail addresses should be common best practice. Does your Web site validate users?
Why not?
Discussion on:
View:
Show:
The download version of this article is available here:
http://techrepublic.com.com/5138-3513-5951488.html
Validating user-supplied information like e-mail addresses should be common best practice. Does your Web site validate users?
Why not?
http://techrepublic.com.com/5138-3513-5951488.html
Validating user-supplied information like e-mail addresses should be common best practice. Does your Web site validate users?
Why not?
The + sign is also valid in an email address. Email servers are supposed to ignore the + and any alphanumerics between the + and the @ characters. For example, if I sign up for a newsletter I might use: myname+somewebsite@gmail.com. Then I can track if "somewebsite" gives my email address to others.
FYI, on my website, in addition to using a regexp, I have lightly hacked Moveable Type to verify that the domain name of a commenter's email address resolves.
--Jim Service (www.hubbo.com)
FYI, on my website, in addition to using a regexp, I have lightly hacked Moveable Type to verify that the domain name of a commenter's email address resolves.
--Jim Service (www.hubbo.com)
I validate email addresses using a combination of PHP's regex functions and checkdnsrr. Readers should also note that if the input is used to send email, regex to screen for newlines and/or "Bcc:" should be used to prevent the form from being used to send SPAM
Before doing checkdnsrr, you can check the address against gTLDs and ccTLDs to weed out obvious rejects.
This is fine for domain.tld but additional processing is needed to account for addresses from domains such as mail.mycompany.com or mail.yourcompany.co.uk
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
