Email address regular expression is wrong everywhere.

[jasminpatel]

The email address validation in all opencart forms is wrong. There is sily mistake in regular expression given in statement.

    if ((utf8_strlen($this->request->post['email']) > 96) || !preg_match('/^[^\@]+@.*.[a-z]{2,15}$/i', $this->request->post['email'])) {
        $this->error['email'] = $this->language->get('error_email');
    }

If I add email address xyz@abc the email address will be validated. The pattern should match email address like xyz@abc.com for that the actual expression should be as below.

/^[^\@]+@.*.[a-z]{2,15}+.[a-z]{2,4}$/i

[ADDCreative]

That expression doesn't look right to me. I think a \ just needs adding before the last . to match an actual . and not any character.

/^[^\@]+@.*\.[a-z]{2,15}$/i

The 15 for the length of the top level domain could possibly be made be bigger. The maximum they can be is 63 I believe, although there are none that long at the moment.

[prhost]

I think the ideal would be to use the filter php, ex .: filter_var('xyz@abc.com', FILTER_VALIDATE_EMAIL)

[danielkerr]

@prhost can not use filters as its an external php extension that is not instsalled on all hosts.

[falnyr]

@danielkerr Native since PHP 5.2, are you supporting lower versions? http://php.net/manual/en/function.filter-var.php

[chienhoang]

Yeah, i think we should use filter_var since it's already a built-in function of PHP (I don't think there's any people still using PHP < 5.2

[danielkerr]

im sure i added this before and got loads of complaints.

[danielkerr]

i would be happy to use this as long as it is not a extension that some hosts dont install.

[danielkerr]

ok if this is installed as part of php then it should put that email validation headache to bed once and for all