Email javascript validation


 / Published in: JavaScript
 

Simple javascript email validation

  1. function checkMail(email){
  2. var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
  3. if (filter.test(email)) {
  4. return true;
  5. }
  6. return false;
  7. }

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: palako on May 23, 2008

Posted By: fyiman on September 27, 2016

Generally speaking, this sort of email validation is a bad idea. Really, the better idea is to just do minimal checking to make sure something has been entered and accept whatever the user entered as their email address. Then, test it by trying to send a message to that email address to see if it fails. Include a verification link or code in the message so the user can clink the link or enter the code to let you know the email address was correct and the email message was received by the user. That way, if the user incorrectly enters their email address (even a simple "typo"), or if they enter an invalid or non existent email address, they will never get the verification email message.

The problem with using a Regex like the one you have suggested is that it will reject many valid email addresses, and it will accept many email addresses that are invalid.

For the most part, beyond some really complicated and error prone tests, it is inappropriate for anyone to say that an email address is invalid. The only one who can really say that any given email address is invalid, is the company that is hosting the users email account. It is highly dependent on the company that provides an email account as to what is valid or not.

For example, an email address that is valid on Gmail, may not be valid on Hotmail or other email providers.

Here are just a few problems with using a Regex like the one you have suggested. This is about using a Regex in general, and some of these examples may not apply to your specific Regex. Some modification to the Regex, making it much more complicated, can resolve SOME of these issue, but it's NOT possible to construct a Regex that is 100% error free:

  • Regex's typically allow email addresses to begin with a number (0-9). Some email providers don't allow you to create an email address that begins with a number.
  • Regex's typically allow email addresses to begin with a number a symbol such as "-_". Most email providers don't allow you to create an email address that begins with one of these symbols and may not allow them at all.
  • Regex's typically allow email addresses to begin or end with a "." (dot/period/full stop), or to have 2 or more "."s next to each other (consecutive). This is not allowed by the official email specification standard. For example, email addresses like "User.@example.com" or ".[email protected]" or "User..[email protected]" are all invalid email addresses.
  • Regex's typically reject other "symbols" in email address. Symbols such as "! # $ % & ' * + - / = ? ^ _ ` { | } ~" are valid for the "username" part of the email address according to the official email specification standard. Even though they are valid by the official email specification, many email providers won't let you create an email address with some of these characters.
  • Regex's typically allow any letters-digits for the top-level domain (TLD) of the email server. For example, in an email address like "[email protected]", the TLD is ".com". Other common TLDs are ".net", ".org", ".edu", ".ca", ".gov", ".info". But most Regex's would allow an email address like "[email protected]", even though ".eee" is not currently a valid TLD. New TLDs are added all the time.
  • Regex's typically reject email address where the top-level domain (TLD) of the email server has less than 2, or more than 4 characters, or some other criteria. This means that valid email addresses on "TLD"s like ".flowers", ".green", ".hosting", ".museum" or other newer TLDs would all be rejected.
  • Regex's typically reject email address where the user-name part of the email address is surrounded by "double-quote" marks, or that contains a " " (space) or "@" sign. Characters like " " (space) or "@" are valid as long as they are "escaped, or they appear within double-quote marks like: "[email protected]"@example.com or "valid email"@example.com. Obviously, these sort of email addresses, while strictly valid, may not be allowed by many email providers.
  • Regex's typically reject email address where the server name part of the email address is composed of more, or less than 2 parts separated by a "." (dot). So, a valid email address like "[email protected]" would be rejected.
  • Regex's can't tell if an email address given by a user actually belongs to that person. A user may type in ANY valid email address, even one that doesn't belong to them.
  • Regex's can't tell if an email address given by a user has actually been assigned to anyone. Only the email provider can verify that. A user may type in ANY (valid-looking) email address, even one that is totally made up and doesn't belong to anyone.

For those reasons (and many more), it is best to NOT validate email addresses with Regex's like this. Just a simple check to see if there are some characters before and after an "@" sign, is really the most (and best) that you should do. This could be done with a very simple Regex like: "/^.+@.+$/". Accept that email address and try sending an email message to it. If the email is sent successfully (doesn't bounce), then it was (most likely) a valid email address. If the user responds to the email in some verifiable way, then it was a valid email address and it likely belongs to the user.

You need to login to post a comment.