php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #39469 FILTER_VALIDATE_EMAIL does not accept IDN domain names
Submitted: 2006-11-11 11:19 UTC Modified: 2021-04-18 13:56 UTC
Votes:10
Avg. Score:3.3 ± 1.4
Reproduced:6 of 7 (85.7%)
Same Version:1 (16.7%)
Same OS:1 (16.7%)
From: christoph at ziegenberg dot de Assigned:
Status: Re-Opened Package: Filter related
PHP Version: 5.2.0 OS: WinXP SP2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: christoph at ziegenberg dot de
New email:
PHP Version: OS:

 

 [2006-11-11 11:19 UTC] christoph at ziegenberg dot de
Description:
------------
The filter FILTER_VALIDATE_EMAIL does not accept IDN domain names, so valid email addresses are not accepted, the punycode version works.

I know the check for this is a little bit complex, because the allowed chars in the domain name depend on the TLD. 

I think the current behavior is okay as default, but there should be an option to allow IDN domain names.

Reproduce code:
---------------
<?php
var_dump(filter_var('test@t?t?r?t??.de', FILTER_VALIDATE_EMAIL));
var_dump(filter_var('test@xn--ttrt-loabbba.de', FILTER_VALIDATE_EMAIL));
?>

Expected result:
----------------
string(...) "..."
string(...) "..."

Actual result:
--------------
bool(false)
string(...) "..."

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-09-27 05:13 UTC] aharvey@php.net
-Status: Open +Status: Closed -Package: Feature/Change Request +Package: *General Issues -Assigned To: +Assigned To: aharvey
 [2010-09-27 05:13 UTC] aharvey@php.net
This has since been fixed, and works in the current 5.2 and 5.3 releases.
 [2013-03-04 14:42 UTC] dean at deansas dot org
This doesn't seem to be fixed. Please reopen.

dean@ernie:~$ php -r "var_dump(filter_var('fred@bücher.ch', 
FILTER_VALIDATE_EMAIL));"
bool(false)


Using:
PHP 5.3.10-1ubuntu3.5 with Suhosin-Patch (cli) (built: Jan 18 2013 23:40:19) 
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
 [2014-07-15 16:46 UTC] drogolov at gmail dot com
Any news? Still not fixed.
 [2014-07-17 17:57 UTC] aharvey@php.net
-Status: Closed +Status: Re-Opened -Package: *General Issues +Package: Filter related -Assigned To: aharvey +Assigned To:
 [2014-07-19 18:33 UTC] pajoye@php.net
For the record, it never aimed to support punycode. One has to convert them first.
 [2015-03-20 01:46 UTC] ppaisndud at gmail dot com
Similar to https://bugs.php.net/bug.php?id=65027 which suggests to use idn_to_ascii from pecl intl 

http://3v4l.org/THEZj
 [2016-08-08 10:05 UTC] cmb@php.net
> For the record, it never aimed to support punycode. One has to
> convert them first.

Wouldn't it make sense to do the conversion automatically, if
ext/intl is available? Otherwise we should mark this as WONTFIX.
 [2021-04-18 13:56 UTC] pollita@php.net
I just looked inside php_filter_validate_email() for the first time and was horrified to learn we use a regular expression for email validation.

https://github.com/php/php-src/blob/master/ext/filter/logical_filters.c#L680

That is broken by design and we need to rip this out.  Can confirm that this only works with punycode IDNs, but the fix isn't to shove non-punycode parsing into that monster regex. The fix is to not try to do email validation with a regex.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 11:01:28 2024 UTC