How to Check If an Email Address Is Real or Valid Using PHP

How can I validate email in this PHP contact form?

In the past I have used:

if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
    //send email
}
else
{
    //show error
}

Source: https://www.php.net/manual/en/function.filter-var.php

How to validate an Email in PHP?

You can use the filter_var() function, which gives you a lot of handy validation and sanitization options.

filter_var($email, FILTER_VALIDATE_EMAIL)

• PHP Manual filter_var()

• Available in PHP >= 5.2.0

If you don't want to change your code that relied on your function, just do:

function isValidEmail($email){ 
    return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
}

Note: For other uses (where you need Regex), the deprecated ereg function family (POSIX Regex Functions) should be replaced by the preg family (PCRE Regex Functions). There are a small amount of differences, reading the Manual should suffice.

Update 1: As pointed out by @binaryLV:

PHP 5.3.3 and 5.2.14 had a bug related to
FILTER_VALIDATE_EMAIL, which resulted in segfault when validating
large values. Simple and safe workaround for this is using strlen()
before filter_var(). I'm not sure about 5.3.4 final, but it is
written that some 5.3.4-snapshot versions also were affected.

This bug has already been fixed.

Update 2: This method will of course validate bazmega@kapa as a valid email address, because in fact it is a valid email address. But most of the time on the Internet, you also want the email address to have a TLD: bazmega@kapa.com. As suggested in this blog post (link posted by @Istiaque Ahmed), you can augment filter_var() with a regex that will check for the existence of a dot in the domain part (will not check for a valid TLD though):

function isValidEmail($email) {
    return filter_var($email, FILTER_VALIDATE_EMAIL) 
        && preg_match('/@.+\./', $email);
}

As @Eliseo Ocampos pointed out, this problem only exists before PHP 5.3, in that version they changed the regex and now it does this check, so you do not have to.

How easy is it to verify that an email address is valid in PHP?

I think your only options would be the SMTP RCPT TO or VRFY commands.

RCPT TO could be a way to check, as long as you disconnect after issuing it. However not all servers will boot you if the account doesn't exist(uce prevention, catch-all addresses, etc...).

VRFY can tell you if an account exists on that server, but this is almost always disabled to prevent account probes.

A PHP class that does RCPT TO verification(among other methods) is: http://code.google.com/p/php-smtp-email-validation/

Check if a string is an email address in PHP

This is not a great method and doesn't check if the email exists but it checks if it looks like an email with the @ and domain extension.

function checkEmail($email) {
   $find1 = strpos($email, '@');
   $find2 = strpos($email, '.');
   return ($find1 !== false && $find2 !== false && $find2 > $find1);
}

$email = 'name@email.com';
if ( checkEmail($email) ) {
   echo $email . ' looks like a valid email address.';
}

Checking existence of email address

No, it's not possible to reliably check if email address actually exists withotu sending an actual email. All you can do by yourself is to check syntax of email address and check of domain name exists.

To check email address syntax:

filter_var($email, FILTER_VALIDATE_EMAIL)

To check A and MX records:

checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")

Next step is to send actual email with confirmation URL or confirmation code.

---

Related Topics