Author Topic: Email validation seems too restrictive vs RFC?  (Read 131 times)

Offline teppyogi

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Email validation seems too restrictive vs RFC?
« on: May 05, 2021, 07:05:53 PM »
Hello,

I have tried to register into AbanteCart for testing purposes using myAddress+test1@gmail.com but got a validation error. Looking up validation rules, I stumbled on this post, in which a core developer mentions that the validation regexp is:
Quote
define('EMAIL_REGEX_PATTERN','/^[A-Z0-9._%-]+@[A-Z0-9.-]{0,61}[A-Z0-9]\.[A-Z]{2,16}$/i');

This would explain why I get a validation error, but I am surprised the validation is not done with respect to the RFC, which you can look up on Wikipedia at the Email_address entry (I cannot post the link)...

Argument: the case for avoiding such addresses can be made since, in fact, it bypasses the 1 account per person rule. However, allowing such cases for testing purposes seems worthwhile. Also, validation imho should be just that: making sure the field has been validly populated. I regularly pest at websites which forbid me to use + in addresses because it is super practical for email classification. Therefore I would like it if my website were to avoid being in this category :-)

Questions: am I missing a setting anywhere? If not, should this become a feature in a future version? and in the meantime, how can I provide my own validation regexp?

Thanks! Tepp.

Offline Basara

  • Administrator
  • Hero Member
  • *****
  • Posts: 4861
  • Karma: +254/-2
    • View Profile
Re: Email validation seems too restrictive vs RFC?
« Reply #1 on: May 06, 2021, 06:56:38 AM »
Hello.
Feel free to modify the EMAIL_REGEX_PATTERN

Offline teppyogi

  • Newbie
  • *
  • Posts: 6
  • Karma: +1/-0
    • View Profile
Re: Email validation seems too restrictive vs RFC?
« Reply #2 on: May 06, 2021, 09:23:49 AM »
Thanks, I was not aware this was located in a unique spot, which is great! For those who are looking to do the same thing, here is what I did:
  • File to change: core/init.php
  • Change the line: define('EMAIL_REGEX_PATTERN', '/^[A-Z0-9._%-+]+@[A-Z0-9.-]{0,61}[A-Z0-9]\.[A-Z]{2,16}$/i');
  • The only modification I made to the original code is marked in red, above. I can confirm that doing this worked on my installation of AbanteCart (1.3.0).

This was simply adapted for accepting the plus (+) sign into an email address, which is a personal favorite feature of mine in email management. It is by no means an RFC compliant validator, as I have learned since that doing such a validator is both complex and limited in terms of how effective it is at weeding out bad inputs.

Thanks again for the help! Tepp

Offline Basara

  • Administrator
  • Hero Member
  • *****
  • Posts: 4861
  • Karma: +254/-2
    • View Profile
Re: Email validation seems too restrictive vs RFC?
« Reply #3 on: May 07, 2021, 01:49:02 AM »
Thank you for posting a solution

 

Powered by SMFPacks Social Login Mod