php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69844 FILTER_VALIDATE_EMAIL rejects unusual but valid addresses
Submitted: 2015-06-15 22:22 UTC Modified: 2015-06-16 14:39 UTC
From: grzegorz129 at gmail dot com Assigned:
Status: Not a bug Package: Filter related
PHP Version: 7.0.0alpha1 OS: Any
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: grzegorz129 at gmail dot com
New email:
PHP Version: OS:

 

 [2015-06-15 22:22 UTC] grzegorz129 at gmail dot com
Description:
------------
Some weird (but still perfectly valid) e-mail addresses are rejected by filter_var with FILTER_VALIDATE_EMAIL filter.
I've got sample data from https://en.wikipedia.org/wiki/Email_address#Valid_email_addresses

While support for comments was mention before I was unable to find any references to spaces.

Test script:
---------------
$emails = array(
    'test@example.com',
    'test.derp@example.com',
    'test+nick@example.com',
    'abc."defghi".xyz@example.com',
    '"abcdefghixyz"@example.com',
    'jsmith@[192.168.2.1]',
    'jsmith@[IPv6:2001:db8::1]',
'long.but.still.perfectly.valid.email.address@on.even.longer.domain.name.owned.by.some.weird.name.company.which.name.you.cannot.pronounce.com',
    'other.email-with-dash@example.com',
    '"much.more unusual"@example.com',
    '"very.unusual.@.unusual.com"@example.com',
    '"very.(),:;<>[]\".VERY.\"very@\\ \"very\".unusual"@strange.example.com',
    'admin@mailserver1 (local domain name with no TLD)',
    '#!$%&\'*+-/=?^_`{}|~@example.org',
    '"()<>[]:,;@\\\"!#$%&\'*+-/=?^_`{}| ~.a"@example.org',
    '" "@example.org (space between the quotes)',
    '☃☃☃@example.com (Unicode characters in local part)',
    '☃☃☃@☃☃☃.com (Unicode characters in domain part)',
    'new@domain.pizza'
);

foreach ($emails as $email) {
    echo (filter_var($email, FILTER_VALIDATE_EMAIL)) ? 
        "[+] Email $email is valid\n" : 
        "[-] Email $email is NOT valid\n";
}

Actual result:
--------------
http://3v4l.org/qTsVc

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-06-16 14:39 UTC] rasmus@php.net
-Status: Open +Status: Not a bug
 [2015-06-16 14:39 UTC] rasmus@php.net
This is working as documented. We validate according to RFC822 and don't allow IDNs. The simple work-around if you want IDN support is to call idn_to_ascii() first.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Nov 05 22:01:28 2024 UTC