Re: Re: Email Verification

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2008-09-17 at 09:59 -0400, Al wrote:
> 
> Tom Chubb wrote:
> > Can anyone offer advice on best practices for email address verification?
> > Obviously for user registration it's common to click a link in your email to
> > complete the process thereby verifying the email, but if you want to keep
> > things very simple for the end user, what are the best methods?
> > I have been looking at getmxrr and the examples feature some good advice,
> > etc.
> > One that I've found that I'm thinking of using is
> > http://www.tienhuis.nl/php-email-address-validation-with-verify-probe which
> > tries to connect to the SMTP server as well as mx lookup, etc.
> > How reliable are these?
> > With new domain name extensions appearing all the time I wanted to find
> > something better than a regex which might become outdated after a while and
> > I'd never know about it!
> > 
> > Thoughts please and thanks in advance
> > 
> 
> Here's what I use. It's simple, uses php5 functions and appears to catch most obvious user input errors.
> 
> function checkEmailAddr($emailAddr)
> {
>      if(!filter_var($emailAddr, FILTER_VALIDATE_EMAIL)) throw new Exception("Email address error. 
> Syntax is wrong.");
> 
>      $domain = substr(strchr($emailAddr, '@'), 1);
> 
>      if(!checkdnsrr($domain))
>      {
>          throw new Exception("Email address warning. Specified domain \"$domain\" appears to be 
> invalid. Check carefully.");
>      }
>      return true;
> }
> 
> Use in try/catch code, e.g.,
> try
> {
>     $emailAddrOK = checkEmailAddr($userSubmitedDataArray[EMAIL_ADDR_FIELD]);
> }
> catch (Exception $e)
> {
>     $errorMsg = $e->getMessage(); //Message text in check function
>     $emailAddrOK= false;
> }
> 
I don't think that was the sort of verification he was after, but that
looks like a lot of code just to validate an email address, you should
look at regular expressions maybe.

For validating that an email address is *real* rather than just valid,
you really need to have a verification link in the email. You can do
this simply by putting a link in the email you send to them that points
to a script on your site. The link will contain some sort of hash in the
URL parameters, which you just need to match against a record in the
database (made when you sent out the email to them)


Ash
www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux