filter_var or custom function for email validation in php

Question

Which solution is better, using the built in validation filter_var('email', FILTER_VALIDATE_EMAIL) or a custom function?

Thanks!

Answer 1

Custom validation gives you more control over how far you want to go with this. What is and is not valid as an e-mail address is more complex than you might think, and most of the time, it is better to be too lax with this than too strict. After all, a syntactically valid e-mail address doesn't guarantee that the account actually exists, let alone that it's being actively used. Something like, it must contain one @, at least one dot after the @, at least one character before the @, and none of the illegal characters, is probably good enough in most cases.

Answer 2

Filter var for email remove all characters, except letters, digits and !#$%&'*+-/=?^_`{|}~@.[]. Now it is up to your whether you want to go with this filtration or create a custom solution.

And here is an excellent article on that:

Input Validation: Using filter_var() Over Regular Expressions

Answer 3

PHP's filter_var might be satisfactory for most applications, but if you want to compare performance and validity, look at this site http://www.linuxjournal.com/article/9585 to understand what RFC 2822-compliance means.

Answer 4

You are welcome to use my free PHP function is_email() to validate addresses. It's available here.

It will ensure that an address is fully RFC 5321 compliant. It can optionally also check whether the domain actually exists.

You shouldn't rely on a validator to tell you whether a user's email address actually exists: some ISPs give out non-compliant addresses to their users, particularly in countries which don't use the Latin alphabet. More in my essay about email validation here: http://isemail.info/about.