PHP
  Home arrow PHP arrow Page 6 - Email Address Verification with PHP
Dev Shed Forums  
Administration  
AJAX  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Smartphone Development  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Mobile Linux  
App Generation ROI  
IBM® developerWorks  
Forums Sitemap  
E-Commerce Hosting  
Linux Web Hosting  
Managed Hosting  
Small Business Hosting  
VPS Hosting  
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid  
Request Media Kit
Contact Us  
Site Map  
Privacy Policy  
Support  
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
PHP

Email Address Verification with PHP
By: Alejandro Gervasio
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: starstarstarstarstar / 187
    2005-02-08


    Table of Contents:
  • Email Address Verification with PHP
  • Validating the proper format of an email address
  • Validating email domains with checkdnsrr()
  • Customizing checkdnsrr()
  • Using getmxrr() for validation
  • Empowering validation with fsockopen()

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      error-file:tidyout.log Del.ici.ous error-file:tidyout.log Digg
      error-file:tidyout.log Blink error-file:tidyout.log Simpy
      error-file:tidyout.log Google error-file:tidyout.log Spurl
      error-file:tidyout.log Y! MyWeb error-file:tidyout.log Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article

     
     
    ADVERTISEMENT


    Email Address Verification with PHP - Empowering validation with fsockopen()
    ( Page 6 of 6 )

    In order to find out whether an email domain is really in use, we’re going to take advantage of PHP’s fsockopen() function, which is used to open domain socket connections over the Internet. This serves our purposes handily, since we might try opening a socket connection to the mail server identified with the given domain. If the socket connection is successfully opened, then the supplied domain is currently in use.

    The format for fsockopen() is the following:

    int fsockopen ( string hostname, int port [, int errno [, string errstr [, float timeout]]]);

    The function, when used for Internet domains, will open a TCP socket connection to the provided host name on the supplied port, and return a file pointer corresponding to that host. If the call fails, it will return false, and if the optional errno and errstr arguments are present, they will be set to indicate the actual system level error that occurred while performing the call. The optional timeout parameter can be used to set a timeout in seconds for the connect system call. 

    Having taken a look at what this function does, it’s feasible to open a socket connection on port 25 (the default port for SMPT servers) to the given domain for a user’s email address in the following manner:

    If(!fsockopen($domain,25,$errno,$errstr,30)) {
     return false;
    }

    Here we’re trying to open a socket connection to the provided domain on port 25, setting a timeout of 30 seconds for the connection. If the connection is successfully established, the function will return true, which means that the SMTP server is up and running, the email domain is real and, hopefully, there is a valid user for that domain. If the connection fails, the function will return false, either indicating that the domain is not being used, at least for the moment that we attempted to open the socket connection. As you can easily guess, there might be several reasons for a failed result. Even if the user was valid, the mail server might be down, our system might be having its own problems, or other difficulties inherent to any network process might exist.

    Anyway, our rough attempt to enhance the validation process is still a valid effort worth considering. Here’s the checkEmail() function with the new enhancements:

    function checkEmail($email) {
     // checks proper syntax
     if(preg_match("/^( [a-zA-Z0-9] )+( [a-zA-Z0-9\._-] )*@( [a-zA-Z0-9_-] )+( [a-zA-Z0-9\._-] +)+$/" , $email)) {
      // gets domain name
      list($username,$domain)=split('@',$email);
      // checks for if MX records in the DNS
      if(!checkdnsrr($domain, 'MX')) {
       return false;
      }
      // attempts a socket connection to mail server
      if(!fsockopen($domain,25,$errno,$errstr,30)) {
       return false;
      }
      return true;
     }
     return false;
    }

    And the code to call the function is listed as follows:

    $email = trim($_POST['email']);  
    if(!checkEmail($email)) { 
    echo 'Invalid email address!';
    }
    else {
     echo 'Email address is valid';
    }

    We have taken a considerable step forward to improve the validation routines within our function.

    To explain what we did step-by-step: once the email address is passed to the function, it is first validated to make sure it matches the regular expression. If the validation is successful, then the address is divided to obtain the email domain.

    Then, the function checks whether the domain is real, looking for MX records in the DNS. Again, if the records are found, the next step is to open a socket connection for that domain on port 25, to determine whether the given domain is in use. If the connection is successful, we’re pretty sure that the email address corresponds to a real domain, which is currently in use, and the user name is potentially valid.
    Any checking process that returns false, will evaluate the function as false too, terminating it, therefore indicating that the supplied email address is not valid.

    Finally we’ve successfully reached our objective, with a few lines of PHP code. Not too bad, huh?

    Summary

    As with many other user data, email addresses are certainly pretty hard to validate. We’re not completely sure that what a visitor is giving us is valid input. However, as reviewed in this article, using several powerful PHP network functions combined is a great way to make the validation process a relatively painless task. Additionally, we’ve taken an instructive approach for some other concepts, such as working with lookup functions and sockets, even though we only scratched their surfaces. Thus, the next time you need to implement email verification in your PHP applications, don’t forget these invaluable tools. They're really worthwhile.



     
     
    >>> More PHP Articles          >>> More By Alejandro Gervasio
     

       

    PHP ARTICLES

    - Building Dynamic Queries with Chainable Meth...
    - PHP Encryption and Decryption Methods
    - Building a MySQL Abstraction Class with Meth...
    - Completing a Sample String Processor with Me...
    - Mastering WHILE Loops for PHP and MySQL
    - Method Chaining: Adding More Methods to the ...
    - Method Chaining in PHP 5
    - The Role of Interfaces in Applying the Depen...
    - Dependency Injection: Using a Setter Method ...
    - Using a Model Class with the Dependency Inje...
    - Injecting Objects Using Setter Methods with ...
    - Injecting Objects by Constructor with the De...
    - The Dependency Injection Design Pattern in P...
    - Performing Inferential Statistical Analysis ...
    - Performing Descriptive Statistical Analysis ...





    © 2003-2009 by Developer Shed. All rights reserved. DS Cluster 1 Hosted by Hostway
    Stay green...Green IT