php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #39469 FILTER_VALIDATE_EMAIL does not accept IDN domain names
Submitted: 2006-11-11 11:19 UTC Modified: 2021-04-18 13:56 UTC
Votes:10
Avg. Score:3.3 ± 1.4
Reproduced:6 of 7 (85.7%)
Same Version:1 (16.7%)
Same OS:1 (16.7%)
From: christoph at ziegenberg dot de Assigned:
Status: Re-Opened Package: Filter related
PHP Version: 5.2.0 OS: WinXP SP2
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: christoph at ziegenberg dot de
New email:
PHP Version: OS:

 

 [2006-11-11 11:19 UTC] christoph at ziegenberg dot de
Description:
------------
The filter FILTER_VALIDATE_EMAIL does not accept IDN domain names, so valid email addresses are not accepted, the punycode version works.

I know the check for this is a little bit complex, because the allowed chars in the domain name depend on the TLD. 

I think the current behavior is okay as default, but there should be an option to allow IDN domain names.

Reproduce code:
---------------
<?php
var_dump(filter_var('test@t?t?r?t??.de', FILTER_VALIDATE_EMAIL));
var_dump(filter_var('test@xn--ttrt-loabbba.de', FILTER_VALIDATE_EMAIL));
?>

Expected result:
----------------
string(...) "..."
string(...) "..."

Actual result:
--------------
bool(false)
string(...) "..."

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-09-27 05:13 UTC] aharvey@php.net
-Status: Open +Status: Closed -Package: Feature/Change Request +Package: *General Issues -Assigned To: +Assigned To: aharvey
 [2010-09-27 05:13 UTC] aharvey@php.net
This has since been fixed, and works in the current 5.2 and 5.3 releases.
 [2013-03-04 14:42 UTC] dean at deansas dot org
This doesn't seem to be fixed. Please reopen.

dean@ernie:~$ php -r "var_dump(filter_var('fred@bücher.ch', 
FILTER_VALIDATE_EMAIL));"
bool(false)


Using:
PHP 5.3.10-1ubuntu3.5 with Suhosin-Patch (cli) (built: Jan 18 2013 23:40:19) 
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
 [2014-07-15 16:46 UTC] drogolov at gmail dot com
Any news? Still not fixed.
 [2014-07-17 17:57 UTC] aharvey@php.net
-Status: Closed +Status: Re-Opened -Package: *General Issues +Package: Filter related -Assigned To: aharvey +Assigned To:
 [2014-07-19 18:33 UTC] pajoye@php.net
For the record, it never aimed to support punycode. One has to convert them first.
 [2015-03-20 01:46 UTC] ppaisndud at gmail dot com
Similar to https://bugs.php.net/bug.php?id=65027 which suggests to use idn_to_ascii from pecl intl 

http://3v4l.org/THEZj
 [2016-08-08 10:05 UTC] cmb@php.net
> For the record, it never aimed to support punycode. One has to
> convert them first.

Wouldn't it make sense to do the conversion automatically, if
ext/intl is available? Otherwise we should mark this as WONTFIX.
 [2021-04-18 13:56 UTC] pollita@php.net
I just looked inside php_filter_validate_email() for the first time and was horrified to learn we use a regular expression for email validation.

https://github.com/php/php-src/blob/master/ext/filter/logical_filters.c#L680

That is broken by design and we need to rip this out.  Can confirm that this only works with punycode IDNs, but the fix isn't to shove non-punycode parsing into that monster regex. The fix is to not try to do email validation with a regex.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Oct 05 12:01:27 2024 UTC