CODEWITHSUNDEEP
phpvalidationzend-framework
user285594
user285594

Reputation:

Zend framework - how to validate the email?

How to make this invalid (ZF2)?

$email = a*@gmail.com
$email = a#@gmail.com
$email = [email protected]
$email = a...many [email protected]

All the above emails are showing valid with following ZF method, which i am expecting to become false.

$validator = new EmailAddress();    
if ($validator->isValid($email)) {
  // ARE YOU DRUNK???? why a*@gmail.com is true?
} else {
  // WHY NOT??????????
}

Upvotes: 2

Views: 544

Answers (1)

drew010
drew010

Reputation: 69937

ZF says they are valid because technically they are.

According to RFC 2822 - Internet Message Format, addresses are of the addr-spec format (defined in section 3.4.1.

addr-spec       =       local-part "@" domain
local-part      =       dot-atom / quoted-string / obs-local-part

Looking at what a dot-atom consists of:

3.2.4. Atom

   Several productions in structured header field bodies are simply
   strings of certain basic characters.  Such productions are called
   atoms.

   Some of the structured header field bodies also allow the period
   character (".", ASCII value 46) within runs of atext.  An additional
   "dot-atom" token is defined for those purposes.

atext           =       ALPHA / DIGIT / ; Any character except controls,
                        "!" / "#" /     ;  SP, and specials.
                        "$" / "%" /     ;  Used for atoms
                        "&" / "'" /
                        "*" / "+" /
                        "-" / "/" /
                        "=" / "?" /
                        "^" / "_" /
                        "`" / "{" /
                        "|" / "}" /
                        "~"

atom            =       [CFWS] 1*atext [CFWS]

dot-atom        =       [CFWS] dot-atom-text [CFWS]

dot-atom-text   =       1*atext *("." 1*atext)

   Both atom and dot-atom are interpreted as a single unit, comprised of
   the string of characters that make it up.  Semantically, the optional
   comments and FWS surrounding the rest of the characters are not part
   of the atom; the atom is only the run of atext characters in an atom,
   or the atext and "." characters in a dot-atom.

As you can see, characters such as *, #, !, ? and so forth are valid characters.

If you want to consider these invalid, you can add an additional check after EmailAddress::isValid() returns true to check for the presence of any special characters you don't consider to be allowed in an email address.

Upvotes: 3

Related Questions