|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #55560 filter_var($e, FILTER_VALIDATE_EMAIL) won't validate spaces in quoted strings
Submitted: 2011-09-01 11:38 UTC Modified: 2011-09-02 10:55 UTC
From: fredgandt at hotmail dot com Assigned:
Status: Closed Package: Mail related
PHP Version: 5.3SVN-2011-09-01 (SVN) OS: Windows XP (SP3)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: fredgandt at hotmail dot com
New email:
PHP Version: OS:


 [2011-09-01 11:38 UTC] fredgandt at hotmail dot com
From manual page:
IMPORTANT: I am a learner. Sorry if I am wasting your time. Also GoDaddy don't 
supply much in the way of detail about what version is running. All I know is 
that it is 5.3.? I have asked for the rest but am still waiting.

Using filter_var($e, FILTER_VALIDATE_EMAIL) where $e is a submitted email 
address that according to RFC 5321 and Wikipedias clearer to understand 
interpretation of it should be considered valid, the return can be invalid where 
spaces are featured within quoted strings.


A-Za-z0-9."?Oooh![what]{fun}|is|!".gladthisisn'tmyaddress@[] == valid 

"Fred Gandt" == invalid

Take the space out and "FredGandt" == valid

I've tested all the most unusual combinations I can think of and 
FILTER_VALIDATE_EMAIL seems to only fail with spaces being disallowed outright 
rather than only being disallowed when not enclosed by quotes (as with other 
otherwise disallowed chars).

If my interpretation of RFC 5321 is wrong and spaces are in fact never allowed 
(even when enclosed by quotes) please forgive my impertinence.

Love PHP. Very slick and user friendlyness abounds!

Test script:
<form action="" method="post">
<input type="text" name="email" size="100">
<input type="submit" value="POST"><br><br>
$result=filter_var($e, FILTER_VALIDATE_EMAIL);
if($result){echo($e."<br><br><b style=\"color:#008800;\">Valid Email Address</b>");}
else{echo($e."<br><br><b style=\"color:#ff0000;\">Invalid Email Address</b>");}

Expected result:
Test script provides form entry field "input type="text""

Fill in "textbox" with email address having a local-part with a quoted string 
containing spaces.

e.g. "Fred Gandt"


EXPECT: Return (echo) == Valid

Actual result:
OBSERVE: Return (echo) == Invalid


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-09-01 12:04 UTC] fredgandt at hotmail dot com
-Status: Open +Status: Closed
 [2011-09-01 12:04 UTC] fredgandt at hotmail dot com
Really sorry. RFC is hard to read so I relied on Wikipedia (usually very good with 
this kind of thing). Spaces aren't ever allowed. Not even within quotes. Going to 
edit Wikipedia now instead of waste your time.
Forgive? ;-)
 [2011-09-01 18:24 UTC] fredgandt at hotmail dot com
I reread and read some extra, edited and re-edited Wikipedia and now have to 
suggest reopening this bug report. It seems I was right in the first place: 
Quoted strings containing spaces should validate (return true).

See: for confirmation.

\ \ \ \ FALSE incorrect since spaces can exist as slashed doublets

"abc def" FALSE incorrect

abc"123@456" FALSE cannot find regulation stating that it should 
be invalid.

abc"123 456" FLASE also should be valid (it seems)

abc"123" FALSE also, so not a space issue but that the quotes are 
not outermost of the local-part

abc123xyz@example.c TRUE incorrect

\\\\\\\\ FALSE incorrect since backslash can quote itself this 
should be accepted

I think there are a few problems need addressing (pun intended).
 [2011-09-02 10:55 UTC] fredgandt at hotmail dot com
It seems that the function and filter work perfectly in all cases.

It was my misunderstanding of the regulations that was at fault. I have edited 
Wikipedia to show what is correct (never read so many regulations in my life!) and 
hope you'll forgive my rush to accuse. My intentions were to help not hinder.

Yours, Fred Gandt.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Sep 25 03:03:38 2021 UTC