CODEWITHSUNDEEP
phpemail
Nadeem
Nadeem

Reputation: 145

How to verify any email with php

I am working with a form. Where user enters their email, I can validate the email through regex. But what I need is like this. After searching, I found a solution here. The as it checks the MX record of the email. But still it does not work for me fine, because when I gave a rough email like : [email protected] my form accepted it, and when I gave the same email on the other website, it rejected the email. It might be the problem with my logic I don't know, below is my code where I am verifying the email.

if(isset($_GET["saveData"])){

	$_appid = $_GET["appid"];
	$_name = $_GET["name"];
	$_email = $_GET["email"];
	$_pass = $_GET["pass"];
	$_applink = $_GET["applink"];

	function domain_exists($email, $record = 'MX'){
		list($user, $domain) = explode('@', $email);
		return checkdnsrr($domain, $record);
	}


	if(!empty($_appid) && !empty($_name) && !empty($_email) && !empty($_pass) && !empty($_applink)){


		if(!domain_exists($_email) OR !filter_var($_email, FILTER_VALIDATE_EMAIL)) {
			echo "email_prb";
		}  else{

			$sl = "SELECT * FROM fb_data WHERE useremail = '$_email' OR fbappid = '$_appid' ";
			$count = $con->query($sl);

			if(mysqli_num_rows($count)>0){ 
				echo "exists";
			}else{
				$in = "INSERT INTO fb_data VALUES(NULL,'$_name','$_email','$_pass','$_applink','$_appid',1,0)";
				if ($con->query($in)) {
					echo "Inserted";
				}
			}
		}
	} else{

	   echo "empty";
	}

}

Upvotes: 0

Views: 130

Answers (2)

pinoyCoder
pinoyCoder

Reputation: 1370

on this part of your code 

if(!domain_exists($_email) OR !filter_var($_email, FILTER_VALIDATE_EMAIL))

change the "OR" to ||. Like this 

if(!domain_exists($_email) || !filter_var($_email, FILTER_VALIDATE_EMAIL))

Upvotes: 1

Ajmal PraveeN
Ajmal PraveeN

Reputation: 413

Kindly Use mysqli or Pdo.. your code is vulnerable to sql injection, try to add mysql escape. but i have rewritten your PHP below without changing query.

Filter validate email will check for the correct email format, so you dont need checking for @. but if you filter the @example.com you need a custom filter for that.

<?php
if(isset($_GET["saveData"])){

    $_appid = $_GET["appid"];
    $_name = $_GET["name"];
    $_email = $_GET["email"];
    $_pass = $_GET["pass"];
    $_applink = $_GET["applink"];

    function domain_exists($email, $record = 'MX'){
        list($user, $domain) = explode('@', $email);
        return checkdnsrr($domain, $record);
    }


    if(!empty($_appid) && !empty($_name) && !empty($_email) && !empty($_pass) && !empty($_applink)){


        if((!domain_exists($_email)) && (!filter_var($_email, FILTER_VALIDATE_EMAIL))) {
            echo "email_prb";
        }  else{

            $sl = "SELECT * FROM `fb_data` WHERE `useremail` = '$_email' OR `fbappid` = '$_appid' ";
            $count = $con->query($sl);

            if(mysqli_num_rows($count)>0){ 
                echo "exists";
            }else{
                $in = "INSERT INTO `fb_data` VALUES(NULL,'$_name','$_email','$_pass','$_applink','$_appid',1,0)";
                if ($con->query($in)) {
                    echo "Inserted";
                }
            }
        }
    } else{

       echo "empty";
    }

}
?>

Upvotes: 2

Related Questions