On Wed, 2008-09-17 at 09:59 -0400, Al wrote: > > Tom Chubb wrote: > > Can anyone offer advice on best practices for email address verification? > > Obviously for user registration it's common to click a link in your email to > > complete the process thereby verifying the email, but if you want to keep > > things very simple for the end user, what are the best methods? > > I have been looking at getmxrr and the examples feature some good advice, > > etc. > > One that I've found that I'm thinking of using is > > http://www.tienhuis.nl/php-email-address-validation-with-verify-probe which > > tries to connect to the SMTP server as well as mx lookup, etc. > > How reliable are these? > > With new domain name extensions appearing all the time I wanted to find > > something better than a regex which might become outdated after a while and > > I'd never know about it! > > > > Thoughts please and thanks in advance > > > > Here's what I use. It's simple, uses php5 functions and appears to catch most > obvious user input errors. > > function checkEmailAddr($emailAddr) > { > if(!filter_var($emailAddr, FILTER_VALIDATE_EMAIL)) throw new > Exception("Email address error. > Syntax is wrong."); > > $domain = substr(strchr($emailAddr, '@'), 1); > > if(!checkdnsrr($domain)) > { > throw new Exception("Email address warning. Specified domain > \"$domain\" appears to be > invalid. Check carefully."); > } > return true; > } > > Use in try/catch code, e.g., > try > { > $emailAddrOK = checkEmailAddr($userSubmitedDataArray[EMAIL_ADDR_FIELD]); > } > catch (Exception $e) > { > $errorMsg = $e->getMessage(); //Message text in check function > $emailAddrOK= false; > } > I don't think that was the sort of verification he was after, but that looks like a lot of code just to validate an email address, you should look at regular expressions maybe.
For validating that an email address is *real* rather than just valid, you really need to have a verification link in the email. You can do this simply by putting a link in the email you send to them that points to a script on your site. The link will contain some sort of hash in the URL parameters, which you just need to match against a record in the database (made when you sent out the email to them) Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
