|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #47270 Invalid email address allowed as valid
Submitted: 2009-02-02 09:44 UTC Modified: 2009-02-02 18:23 UTC
From: jason at netmums dot com Assigned:
Status: Not a bug Package: Filter related
PHP Version: 5.2.8 OS: RHEL 5.3
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
43 - 22 = ?
Subscribe to this entry?

 [2009-02-02 09:44 UTC] jason at netmums dot com
An email address is submitted to filter_var and returned as valid 
despite the domain being invalid. There are no single character top-
level domains.

Reproduce code:
$email = '';
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
echo "Invalid email address.";
} else {
echo "Valid email address.";

Expected result:
Invalid email address.

Actual result:
Valid email address.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2009-02-02 14:23 UTC]
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at and the instructions on how to report
a bug at

That domain might exist at your network.
 [2009-02-02 15:30 UTC] jason at netmums dot com
Thanks, perhaps a flag could be added to test against valid public TLDs 
supported by IANA versus technically valid internal addresses?
 [2009-02-02 18:23 UTC]
Just checking TLD isn't enough - actually we'd have to make a NS lookup but that's certainly outside the things of filter. The filter is for making sure nothing bad happens when using the value not checking whether the user couldn't type his name.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Jul 19 02:01:30 2024 UTC