Validating Email Addresses in PHP

Validation Process

The email validation process consists of two main steps:

1. Sanitizing the Email Address

// Convert to lowercase
$emailAddress = strtolower($emailAddress);

// Remove bad characters from the email
$sanitizedEmail = filter_var($emailAddress, FILTER_SANITIZE_EMAIL);

2. Validating the Email Address

// Validate the email address
$isValid = filter_var($emailAddress, FILTER_VALIDATE_EMAIL);

Complete Validation Function

Here’s a complete function that combines both steps:

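function validateEmail($emailAddress) {
    // Normalize case so the comparison below is not affected by it
    $emailAddress = strtolower($emailAddress);
    // Strip characters that are not allowed in an email address
    $sanitizedEmail = filter_var($emailAddress, FILTER_SANITIZE_EMAIL);
    
    // Accept only if sanitizing changed nothing (strict comparison, no type
    // juggling) and the address passes PHP's email validation filter
    if ($emailAddress === $sanitizedEmail && filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
        return $emailAddress;
    } else {
        return false;
    }
}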

Special Considerations

Internationalized Domain Names (IDN)

For email addresses containing Internationalized Domain Names (IDN), you need to convert the domain to punycode before validating the email address. This ensures proper handling of non-ASCII characters in domain names.

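// Note: this function does not convert an IDN domain itself;
// convert the domain to punycode before calling it.
function validateEmail($emailAddress) {
  $emailAddress = strtolower($emailAddress);
  $sanitizedEmail = filter_var($emailAddress, FILTER_SANITIZE_EMAIL);
  // Strict comparison: sanitizing must not have removed anything
  if ($emailAddress === $sanitizedEmail && filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
    return $emailAddress;
  } else {
    return false;
  }
}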
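
An IDN-aware variant of the function above, as an added example that is not code from the original page. It assumes PHP's intl extension is loaded (it provides idn_to_ascii()); the name validateEmailIdn and the sample addresses are constructed for illustration.

```php
<?php
// Added example (hypothetical helper name): validate an address whose domain
// may be an Internationalized Domain Name. Requires the intl extension.
function validateEmailIdn($emailAddress) {
    if (!is_string($emailAddress)) {
        return false;
    }

    // Split on the LAST "@": everything after it is the domain.
    $at = strrpos($emailAddress, '@');
    if ($at === false || $at === 0 || $at === strlen($emailAddress) - 1) {
        return false; // no "@", empty local part, or empty domain
    }
    $local  = substr($emailAddress, 0, $at);
    $domain = substr($emailAddress, $at + 1);

    // Convert the domain to its ASCII (punycode) form. The raw domain is
    // passed in, not a strtolower() copy: byte-wise lowercasing can damage
    // multi-byte UTF-8, and UTS #46 processing maps case itself.
    $asciiDomain = idn_to_ascii($domain, IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46);
    if ($asciiDomain === false) {
        return false; // domain cannot be represented as a valid IDN
    }

    // From here on, the same two steps as validateEmail(): sanitize, then
    // validate, and reject the input if sanitizing removed anything.
    $candidate = strtolower($local) . '@' . $asciiDomain;
    $sanitized = filter_var($candidate, FILTER_SANITIZE_EMAIL);
    if ($candidate === $sanitized && filter_var($candidate, FILTER_VALIDATE_EMAIL)) {
        return $candidate;
    }
    return false;
}

// Constructed sample inputs: an IDN domain, a mixed-case ASCII address,
// a domain containing a space, a string with no "@", a trailing line break.
$samples = [
    'user@bücher.example',
    'User@Example.com',
    'user@exa mple.com',
    'no-at-sign',
    "user@example.com\r\n",
];
foreach ($samples as $sample) {
    var_dump(validateEmailIdn($sample));
}
```

Only the domain is converted here, so an address with non-ASCII characters in the local part is still rejected by the sanitize-and-compare step.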