Form validation

[jæd]

Match any piece of text that has an '@' symbol, followed by one or more sequences of at least 2 alphanumeric characters followed by a full stop '.', all terminated with a sequence of between 2 and 6 alphabetic characters (the last condition could be more restrictive {2,3} - would match all valid Top Level Domains I think.

What about my test box called "a"...? Is not me@a a valid email on that system...? I can see your point its just the only way to vaidate a email 100% is to send it and see if a human (or a reasonably trained monkey) acts on the information.

 

[gurrier]

Why?

I've used it on the www and it works fine for me.

A DNS lookup can take several seconds to complete. High volume web applications typically aim for page processing times of less then 0.1 seconds. If response speed and traffic aren't a limiting factor, it can make sense, but in general it should be avoided by response processing code.

On the other hand, if your DNS server goes down, chances are that every page that uses NS Lookups will have a 30 second DNS timeout added to the page processing time.

On web pages I think it is generally a good principle to never rely on network services at runtime, if you need them, cache them in a post-processing phase after the page has loaded, or else use some type of cron script to update the cache asynchronously.

 

[gurrier]

What about my test box called "a"...? Is not me@a a valid email on that system...? I can see your point its just the only way to vaidate a email 100% is to send it and see if a human (or a reasonably trained monkey) acts on the information.

If you wanted to support the local system and email addresses without fully qualified domains, you would really want to put the individual addresses in explicitly as a list of possibilities in the regex. On the other hand, you might as well just force everybody to use fully qualified addresses and on the internet it is rare that you want to support local mailboxes explicitly.

 

[gurrier]

the last condition could be more restrictive {2,3} - would match all valid Top Level Domains I think.

Whoops, scratch that. Just realised that .museum is a valid tld, replace with original {2,6}...

 

[jæd]

Whoops, scratch that. Just realised that .museum is a valid tld, replace with original {2,6}...

Have you eve come across the email regex in the back of the Oreilly Regex book...? Usually takes care of most of my needs...

 

[untethered]

Depends how many email addresses you are validating per second.

It's only DNS, which is cached.

The way I do it is to check the format of the email address for validity, then see if I can fetch an MX record for that domain, indicating that there is at least a mail server there, even if the user doesn't exist.

Ruby on Rails has got wonderful validation features embedded in the classes that map onto the underlying database tables, rather than (or in fact, as well as) on the forms themselves.

http://api.rubyonrails.com/classes/ActiveRecord/Validations/ClassMethods.html

The beauty of this is that validation is in a single place rather than scattered among disparate scripts that handle forms. No matter where you're getting your data from (whether a web form or anywhere else), it's going to be validated according to the same set of rules before it gets saved to the database. This saves huge amounts of grief with large/complex applications.