Journal pbhj's Journal: form email checking ... thought I did this already!
I use a many pronged approach: firstly there's a javascript check (for people who may have entered text wrongly).
2) there's removal of characters including
3) there's email pattern matching at the server for naive spam attempts
4) there's denial of service for mails with "content-type" or "mime-version" in them as these are used to create multipart (ie html) emails
5) there's a hidden field named so that spambots will auto-fill it; this is checked against the expected contents and mails are rejected if it's wrong
6) captcha would be my next line of defence but as yet it's not needed
I also sometimes enable the forwarding to me of details of mails that don't pass the test; then I can block the domain if it looks nasty (small Korean ISP visiting local UK site, etc.).
spambots will auto-fill it; this is checked against the expected contents and mails are rejected if it's wrong
6) captcha would be my next line of defence but as yet it's not needed
I also sometimes enable the forwarding to me of details of mails that don't pass the test; then I can block the domain if it looks nasty (small Korean ISP visiting local UK site, etc.).
My regex is '/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i'
that is:
a) multiple characters before @ that aren't whitespace or @
b) - OR a-z OR 0-9 followed by a dot, taken multiple times
c) ending in a sequence of 2 or more letters (eg to allow for
d) it's all case insensitive
'/^[^@\s]+@([-a-z0-9]+\.)+[a-z]{2,}$/i'
Try bridgehosting.net/email-form-regex
form email checking ... thought I did this already! More Login
form email checking ... thought I did this already!
Slashdot Top Deals