I gave up validating an email address a long time ago. Now all I will do is sanitize it to be safe from malicious attempts. The tipping point for me was trying to decipher an unreasonably long regular expression written months prior to find out why someone's funky address (like the author's) was failing -- wasted time.
You can try, but you can't prevent people from doing dumb things, and in the attempt you end up potentially making mistakes like in the case of the article. Users will always do something unanticipated. With that in mind I only validate the things that really matter (e.g. credit card numbers, social security numbers, etc.). If someone wants to enter "jane at aol" as their address, I have to think, "is this going to a problem for my company?" If not, don't bother to try to fix it.
My current policy on validating email addresses is to issue a warning if a given email address fails a check against a standard that covers the vast majority of addresses in use. Validating against the whole range of possible address content is near pointless. The warning simply asks the user to check their email in case of errors but allows a page submission following the display of that warning.
My current policy on validating email addresses is to issue a warning if a given email address fails a check against a standard that covers the vast majority of addresses in use.
My policy on validating email addresses is "if I send you an email and it arrives, your email address is valid".
Why do you need to "validate" an email address? Knowing that an address is syntactically valid doesn't do anything to confirm that it will reach the intended target.
You are correct - but - at your initial point of contact you have (perhaps) a single opportunity to make contact with your prospective customer. You should do all you can (without boring or annoying your prospect) to capture enough accurate information to ensure that the next step succeeds.
I agree - long term relationships are built on (in the context of this conversation) an exchange of emails but why blow it at the first hurdle?
Agreed. At [old job] we saw a lot of user-entered e-mail addresses that were "correct" (according to so-called validators) but wrong, like "www.screenname@aol.com" or "example@yahoo".
Mine is not to re-write the wheel. Writing a correct email address is indeed non-trivial, but there's at least one well known module written by someone who's actually read the RFCs and won't trash users using plussing and minusing. Use that, don't write your own.
Depends on your customer base.
It might be better to reject one show-off who managed to put a backspace in his email in return for helping 1000s of customers who enter www.name@aol.com
It's possible to have a 6 character email address, but for most users checking that they have entered more than 6 chars would be good.
There's no way to get around invalid email addresses. Anybody can put in something like asdhsouhdosd@ahsoufhsdof.com and it would pass most regex checks. I think the best solution is to just check for an "@" sign and a "." after it.
Yup, I deal with a lot of email data at work and this is pretty much what I do. People try to get way too clever with their validation (I pity anyone stuck with an email at a .museum TLD), and the spambots will just put real-looking fake ones anyway.
The plus address issue is very very frustrating. The worst is when you try to unsubscribe from somewhere, and they don't URL-encode your email address in the unsubscribe URL. If you don't know the change the "+" to a "%2B", you're stuck.
While I'm not as unlucky as a .museum user, I use a .me address as my main public contact address, and you'd be surprised at the number of well-designed sites that don't think it's a valid email.
You can try, but you can't prevent people from doing dumb things, and in the attempt you end up potentially making mistakes like in the case of the article. Users will always do something unanticipated. With that in mind I only validate the things that really matter (e.g. credit card numbers, social security numbers, etc.). If someone wants to enter "jane at aol" as their address, I have to think, "is this going to a problem for my company?" If not, don't bother to try to fix it.