Comment 1 for bug 1615280

Revision history for this message
Aaron Wells (u-aaronw) wrote : Re: Email validation bug (long domains)

Thanks for reporting this! I wasn't even aware that Mahara had code that was trying to validate email addresses via a simple regex like that. The code in question is pretty old, originally written in 2007 and last updated in 2009 (to allow a "+" sign in the alias part of the email address.)

Of course since then, the number of top-level domain names has exploded. There used to be only a few rare ones longer than four characters; now there are dozens: https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains#ICANN-era_generic_top-level_domains.

I find a few issues mentioned with PHP's "FILTER_VALIDATE_EMAIL" option, specifically:

1. Requires a "." in the domain name, so it fails on eg "root@localhost"
2. Doesn't work with emails containing non-ASCII characters. You can convert the domain part to punycode first, but I'm not sure if that works for the alias part.

On the other hand, both of those bugs are present in the current implementation! So switching to FILTER_VALIDATE_EMAIL would at least be an improvement.