PHP email checker, problems

Forum Moderators: coopster

Message Too Old, No Replies

PHP email checker, problems

email check function says every email is invalid :/

GamingLoft

2:36 pm on Jan 26, 2008 (gmt 0)

my email validation code, or whatever its called. is making every email invalid, here is my code. theres no errors in it but.. whatever.

function checkEmail($email) 
{
$email = mysql_real_escape_string($email);
    $query_emailcheck = "SELECT email FROM hfs_users WHERE email = '$email'";
    $result_emailcheck = @mysql_query($query_emailcheck);
    $num_sameemail = @mysql_num_rows($result_emailcheck);
    
    if ($num_sameemail> 0) {      $errors[] = "This email is being used by another user.";
 
}if(eregi("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$]", $email)) 
 {
list($Username, $Domain) = split("@",$email);
if(getmxrr($Domain, $MXHost)) 
  {
$errors[] = "Email address is invalid.";
  }
  else 
  {
   if(@fsockopen($Domain, 25, $errno, $errstr, 30)) 
   {
     $errors[] = "Email address is invalid."; 
   }
   else 
   {
     return FALSE; 
   }}
  }}

bpat1434

7:21 pm on Jan 26, 2008 (gmt 0)

Well, given that code, if getmxrr returns true, you mark it as "invalid".

The same thing goes for fsockopen(). You should be checking for a "false" return.

You also only return false, you never show where you return true. So something like this should work:


function checkEmail($email) 
{ 
 $email = mysql_real_escape_string($email); 
 $query = "SELECT `email` FROM `hfs_users` WHERE `email` = '$email'"; 
 $result = @mysql_query($query); 
 $errors = array();  if(mysql_num_rows($result) > 0) 
 { 
  $errors[] = 'This email is being used by another user.'; 
 } 
 else 
 { 
  if(!eregi("^[a-z0-9_]+@[a-z0-9-]+\.[a-z0-9.-]+$", $email)) 
  { 
   list($username, $domain) = explode('@', $email); 
   if(!getmxrr($domain, $MXHosts)) 
   { 
    $errors[] = 'Email address is invalid.'; 
   } 
   else 
   { 
    if(!@fsockopen($domain, 25, $errno, $errstr, 30)) 
    { 
     $errors[] = 'Email address is invalid.'; 
    } 
   } 
  } 
 } 
 if(!empty($errors)) 
  return $errors; 
 return true; 
}

I'd also suggest you look at the eregi page in the php manual and look through the user notes. There are much better email eregi patterns to use ;)

GamingLoft

11:17 pm on Feb 2, 2008 (gmt 0)

k tried, the above. but now any email entered, even if you leave it blank it comes out "email entered is valid..."

heres what i have to as my function..

-____________________________-
also here are the contents of my email testing file...

<?php
include("mysql_connect.php");
include("functions.php");

$urlemail = $_GET['email'];
if(checkEmail($urlemail) == FALSE)
{
echo "E-mail entered is not valid.";
}
else
{
echo "E-mail entered is valid.";
}

[edited by: GamingLoft at 11:22 pm (utc) on Feb. 2, 2008]

bpat1434

2:17 pm on Feb 4, 2008 (gmt 0)

When running the function, it will return an array of errors, not "false". So when you want to know if it's a valid email, check that it's not a strict true. Something like:

if(checkEmail($email)!== true)
{
  // Error message
}
else
{
  // Successful email address
}

GamingLoft

9:30 pm on Feb 4, 2008 (gmt 0)

thanks for responding but im not quite sure i understand...

1) why is the true there? what does that do?

2) i thought id have more questions but i guess not. heh.

bpat1434

10:02 pm on Feb 4, 2008 (gmt 0)

The true is there because the function either returns an array of errors on failure, or the boolean true. The easiest thing to do is to see if the boolean true is returned or not. You can do this one of two ways:

1.) Use "===" to see if the left operand is strictly equal to the right
2.) Use "!==" to see if the left operand is strictly not equal to the right

So essentially what we're asking is if the result of checkEmail() is not boolean true (and only boolean true) then there are errors. If it is boolean true, then the email address is okay.

It's not false anymore because we don't return false, we return whatever error(s) there are. You can change the function to just return false; however, it's not always what you want since there are multiple fail points (MX records, openning a connection, etc.).

For example, if say I give my email as user@domain123.com and you see that there are mx records there. When you go to open a connection on port 25, it fails. This does not necessarily mean that it's a bad webserver. I could have limited it only to SSL (443) or maybe I'm using TLS or just using a different port. I wouldn't fail just on having no connection to a server.

GamingLoft

10:13 pm on Feb 4, 2008 (gmt 0)

k i used the!== TRUE but now my email checker always comes out "email is valid", no matter what! I have a feeling its something to do with my function. mixing up booleans (im new to the boolean world.)

here is the email function from functions.php


function checkEmail($email) { 
$email = mysql_real_escape_string($email); 
$query = "SELECT `email` FROM `hfs_members` WHERE `email` = '$email'"; 
 $result = @mysql_query($query); 
 $errors = array(); 
if(mysql_num_rows($result) > 0) 
{ 
$errors[] = 'This email is being used by another user.'; 
} 
else { if(!eregi("^[a-z0-9_]+@[a-z0-9-]+\.[a-z0-9.-]+$", $email)) 
{ 
list($username, $domain) = explode('@', $email);
 if(!getmxrr($domain, $MXHosts)) 
{ 
$errors[] = 'Email address is invalid.'; 
} 
else 
{ 
if(!@fsockopen($domain, 25, $errno, $errstr, 30)) { $errors[] = 'Email address is invalid.'; 
} 
} 
} 
} if(!empty($errors)) return $errors; return true; 
}

and here is the source of my email checker...


<?php
include("mysql_connect.php");
include("functions.php");
$urlemail = $_GET['email']; 
if(checkEmail($email)!== true) 
{
 echo "E-mail entered is valid.";
} 
else 
{
 echo "E-mail entered is NAAAAAAT valid.";
}
?>

[edited by: GamingLoft at 10:14 pm (utc) on Feb. 4, 2008]

bpat1434

10:37 pm on Feb 4, 2008 (gmt 0)

The function should look like this (note the lines don't get squished up):

function checkEmail($email) { 
    $email = mysql_real_escape_string($email); 
    $query = "SELECT `email` FROM `hfs_members` WHERE `email` = '$email'"; 
    $result = @mysql_query($query); 
    $errors = array();     if(mysql_num_rows($result) > 0) 
    { 
        $errors[] = 'This email is being used by another user.'; 
    } 
    else  
    { 
        if(!eregi("^[a-z0-9_]+@[a-z0-9-]+\.[a-z0-9.-]+$", $email)) 
        { 
            list($username, $domain) = explode('@', $email); 
            if(!getmxrr($domain, $MXHosts)) 
            { 
                $errors[] = 'Email address is invalid.'; 
            } 
            else 
            { 
                if(!@fsockopen($domain, 25, $errno, $errstr, 30)) 
                { 
                    $errors[] = 'Email address is invalid.'; 
                } 
            } 
        } 
    }  
     
    if(!empty($errors)) 
        return $errors; 
     
    return true; 
}

To use this function, your code should be:

if(($rslt = checkEmail($email)) === true) 
{ 
    echo 'The email is valid'; 
} 
else 
{ 
    echo 'The email is invalid. Error returned:<br />' . implode('<br />', $rslt); 
}

GamingLoft

10:56 pm on Feb 4, 2008 (gmt 0)

found some simple errors (where a $ was needed infront of array name, but thats all.

after testing the code you had given me i found it didn't work the following email
"bobosycjs@sjdhasjdhsadsa.ceas"

came up valid... i did more testing and found the reason behind this is that the fsock checker isnt working

any email that passes the ereg test is valid, i need help with fixing this fsock i looked at the script but i cant think of anything here is my function...


function checkEmail($email) { 
 $email = mysql_real_escape_string($email);  
 $query = "SELECT `email` FROM `hfs_users` WHERE `email` = '$email'";  
 $result = @mysql_query($query); 
 $errors = array(); 
 
 if(mysql_num_rows($result) > 0)  
 {
$errors[] = 'This email is being used by another user.';  
 }  
 else  
 {   
 if(!eregi("^[a-z0-9_]+@[a-z0-9-]+\.[a-z0-9.-]+$", $email)) {
 list($username, $domain) = explode('@', $email);    
 
 if(!getmxrr($domain, $MXHosts))
 {     
 $errors[] = 'Email address is invalid.';   
 }
 else    
 {     
 if(!@fsockopen($domain, 25, $errno, $errstr, 30))
 {      
 $errors[] = 'Email address is invalid.';    
 }    }   }  }   if(!empty($errors))   return $errors;   return true; }

bpat1434

11:11 pm on Feb 4, 2008 (gmt 0)

I don't know. I don't see anything that stands out to me.

GamingLoft

12:12 am on Feb 5, 2008 (gmt 0)

maybe i could do the fsock check in a different function then just call the other function after the email passed the first function?

maybe that'd make it work, cuz everything worked fine before i added my "if email is bein used by another user" type thing...

GamingLoft

1:05 am on Feb 5, 2008 (gmt 0)

I've just realized that what im doing is useless, with the whole fsock thing, its really not needed considering im going to have a email-validation thing (user gets link in email, user has to click link to verify account) eh its not my problem if they put a fake email, but i still am going to use a ereg. i found a good one (or atleast i think so, but im getting these errors...

i get this echoed/error when the email SHOULD come out valid
----------------------
Warning: implode() [function.implode]: Bad arguments. in /home/EXAMPLE/public_html/site/emaila.php on line 11
The email is invalid. Error returned:
----------------------
(emaila is my tester file here is the contents of emaila


<?php
include("mysql_connect.php");
include("functions.php");
$urlemail = $_GET['email']; 
if(($rslt = checkEmail($urlemail)) === true) 
{  
echo 'The email is valid'; 
} 
else 
{   
echo 'The email is invalid. Error returned:<br />' . implode('<br />', $rslt); 
}
?>

GamingLoft

1:05 am on Feb 5, 2008 (gmt 0)


<?php
include("mysql_connect.php");
include("functions.php");
$urlemail = $_GET['email']; 
if(($rslt = checkEmail($urlemail)) === true) 
{ 
echo 'The email is valid'; 
} 
else 
{ 
echo 'The email is invalid. Error returned:<br />' . implode('<br />', $rslt); 
}
?>

and here is my function...


function checkEmail($email) { 
 $email = mysql_real_escape_string($email); 
 $query = "SELECT `email` FROM `hfs_users` WHERE `email` = '$email'"; 
 $result = @mysql_query($query); 
 $errors = array(); 
 
 if(mysql_num_rows($result) > 0) 
 {
$errors[] = 'This email is being used by another user.'; 
 } 
 else 
 {
if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
$errors[]="$email is not properly formatted";
}
}     
if(!empty($errors)){  return $errors;  return true; }}

anyone know why this error is occuring? or see anything wrong with my coding?

[edited by: GamingLoft at 1:07 am (utc) on Feb. 5, 2008]

bpat1434

12:21 pm on Feb 5, 2008 (gmt 0)

Well the only thing I see is the last line of your function. Instead of this:

if(!empty($errors)){ return $errors; return true; }}

It should be this:

if(!empty($errors)){ return $errors; }return true;
}

That's the only thing I see.

GamingLoft

9:46 pm on Feb 5, 2008 (gmt 0)

Great, that totally fixed everything!

Heh, thanks a lot bpat you've been amazingly helpful throughout this thread!

///////////
Actually i have another problem, where i am trying to "imitate this" with my username check function...

here is my username check function..


function checkUsername($username) 
{
if (eregi('^[[:alnum:]\.\?\!\-\_\'\-]{4,12}$', stripslashes(trim($username)) )) {//must be 4-12 letters/chars long .?! - _ ' all aloud + nums and letters
 $user = mysql_real_escape_string($username);
 $query_usernamecheck = "SELECT username FROM hfs_users WHERE username = '$username'";
 $result = @mysql_query($query_usernamecheck);
 $num_samename = @mysql_num_rows($result_usernamecheck); 
 if ($num_samename> 0) { //checks if anyone is using this nam
 $errors[] = "This name is not availible.";//error message if someones using name
}
 else {
$user = mysql_real_escape_string($username);
 $query_blockedname = "SELECT username FROM hfs_blockedname WHERE username = '$username'";
 $result_blockedname = @mysql_query($query_blockedname);
 $num_blockedname = @mysql_num_rows($result_usernamecheck); 
 if ($num_blockedname> 0) {
$errors[] = "The username you entered is not aloud.";//error message if name is put in unacceptable list
}
else{
$check= eregi("slime�kille[rd]�puke�vomit�suck�spastic�spaz�(you )�( you )�(u )�( u )�( of?f$)�( of?f )�[asz]{3,}", $intext);
if ($check) { 
$errors[] = "Usernames are not aloud to contain foul language.";
} else { return FALSE;
}}}}
 else {
 $errors[] = "You're username must contain only letters, numbers and the following characters: .?! - _";
 }
if(!empty($errors)){ return $errors; } 
return true; 
}

here is my name checking file...


<?php
include("mysql_connect.php");
include("functions.php");
$urlname = $_GET['name']; 
if(($rslt = checkUsername($urlname)) === true) 
{
echo 'Its all good.'; 
} 
else 
{ 
echo implode('<br />', $rslt); 
}
?>

so its pretty much the same as the email function but i get this error when running my name checker...

"
Warning: implode() [function.implode]: Bad arguments. in /home/EXAMPLE/public_html/EXAMPLE/namea.php on line 11"

know why this is happening AGAIN?!?!

[edited by: GamingLoft at 10:06 pm (utc) on Feb. 5, 2008]

[edited by: jatar_k at 10:15 pm (utc) on Feb. 5, 2008]
[edit reason] removed some words [/edit]