Edit report at http://bugs.php.net/bug.php?id=49576&edit=1
ID: 49576 Comment by: alexsander dot rosa at gmail dot com Reported by: mparkin at de-facto dot com Summary: Filter var for validating email is not validating emails correctly Status: Closed Type: Feature/Change Request Package: *General Issues Operating System: * PHP Version: 5.*, 6 Assigned To: rasmus Block user comment: N New Comment: The format "usern...@box" for local networks IS allowed when the mail() method is used. I quote RFC 5321: "local aliases MUST NOT appear in any SMTP transaction." They say NOTHING about mail() method in the RFC. Previous Comments: ------------------------------------------------------------------------ [2010-04-02 19:57:45] ras...@php.net A much better RFC-compliant regex has been committed now. ------------------------------------------------------------------------ [2010-04-02 19:56:39] ras...@php.net Automatic comment from SVN on behalf of rasmus Revision: http://svn.php.net/viewvc/?view=revision&revision=297350 Log: Update the FILTER_VALIDATE_EMAIL filter to fix bug #49576 ------------------------------------------------------------------------ [2010-04-02 07:40:29] ras...@php.net Finally having a look at this. Some of your cases are actually incorrect according to RFC3696/RFC5322 For example. ipinsteadofdom...@127.0.0.1 is not a valid email address according to the RFC. IPs in an email address must be in square brackets. So it should be ipinsteadofdom...@[127.0.0.1] for that one to be valid. This is valid under both RFC822 and RFC2822, but RFC3696 and RFC5322 updates those RFCs. And you can't have a port in it, so ipandp...@127.0.0.1:25 is invalid as well, even if you added the square brackets. Also we do not validate domains, so your 2 examples of invalid TLDs are not relevant. I'll have an update of the baked in regex soon, but it sounds like you need to update the Kohana one as well. ------------------------------------------------------------------------ [2009-09-17 08:53:51] mparkin at de-facto dot com Description: ------------ Filter_Var does not validate emails accurately enough, and false positives are made. The regex needs improving - the regex we are using in kohanaphp framework (with preg_match) is more accurate. some more reading could be done here: http://fightingforalostcause.net/misc/2006/compare-email-regex.php Reproduce code: --------------- http://codepad.org/UIrhI5ep Expected result: ---------------- All emails in $valid are valid, all emails in $invalid are invalid. A far more accurate regex can be found here: http://dev.kohanaphp.com/projects/kohana2/repository/entry/trunk/system/helpers/valid.php#L20 Actual result: -------------- There are false positives and non failures. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=49576&edit=1