为什么filter_var($email, FILTER_VALIDATE_EMAIL) 允许test@test?
我刚刚设置了一个表单的验证,我决定尝试使用 filter_var 函数来检查我的电子邮件地址的有效性。我无法在任何地方找到 filter_var 实际上允许什么(因为文档非常简单),并且我发现它允许像 test@test 这样的电子邮件地址。域中不是必须有 .com、.net 等吗?
I was just setting up the validation for a form in which I decided to try using the filter_var function to check the validity of my email address. I can not find out what filter_var actually allows anywhere though (since the documentation is very simple), and I found out that it is allowing an email address like test@test. Doesn't there have to be a .com, .net etc... in the domain?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
四月份左右,这种行为发生了变化。请参阅 bug #49576 和 修订版 297350。
该电子邮件确实无效,或者至少 PHP 开发人员是这么理解的。来源带有此通知:
变更日志提到了 PHP 5.3.3 和 PHP 5.2 的此错误修复。 14.
The behavior has changed somewhere around April. See bug #49576 and revision 297350.
That e-mail is indeed invalid, or at least that's what the PHP developers understood. The source carries this notice:
The changelog mentions this bug fix for PHP 5.3.3 and PHP 5.2.14.
这是一个有效的电子邮件地址。它无法在 Internet 上运行(至少现在不行),但对于本地地址来说却没问题。
我认为开发人员正在采取明智的方法来检查电子邮件地址,而不是为自己构建一个一旦引入新顶级域名就保证会过时的系统。我们有足够的电子邮件地址语法检查器来拒绝
[电子邮件受保护]
就这样。It is a valid email address. It isn't going to work on the Internet (at least, not today), but it is fine for a local address.
I would assume that the developers are taking the sensible approach to checking email addresses and not building themselves a system that is guaranteed to go out of date as soon as a new TLD is introduced. We have enough email address syntax checkers that reject
[email protected]
as it is.test@test 在语法上是有效的。
来自 RFC 5321:
只有在这之后才说:
这并不一定排除纯 TLD 域名。事实上,运行以下代码:
checkdnsrr('ua', 'MX') // Returns true
getmxrr('ua', $array) // Returns true
TLD - 只有域名(可以)具有 MX 记录并且正在使用中:http://www.to / 是一个例子。以下是一些有效的仅 TLD 域名电子邮件地址:
vince@ai
paul@io
root@km
joost@tk
admin@tt
hostmaster@ua
示例电子邮件地址来源: Tony Finch – 带 MX 的 TLD
test@test is syntactically valid.
From RFC 5321:
Only after this does it say:
This does not necessarily preclude TLD-only domain names. In fact, run the following code:
checkdnsrr('ua', 'MX') // Returns true
getmxrr('ua', $array) // Returns true
TLD-only domain names (can) have MX records and are in use: http://www.to/ is an example. And here's some valid TLD-only domain name email addresses:
vince@ai
paul@io
root@km
joost@tk
admin@tt
hostmaster@ua
Source of example email addresses: Tony Finch – TLDs with MXs
不,
test
可以是本地/内部网络域,这样就可以了。我喜欢它在开发时正确验证wrikken@localhost
。正常的
nonexistentdomain.foo
也会有同样的问题。如果您想测试某些内容是否可传递给主机,请使用 getmxrr(如果失败,则返回到 gethostbyname())。No,
test
can be a local / internal network domain, so that would work. I like it that it correctly validateswrikken@localhost
when developing for instance.A normal
nonexistentdomain.foo
would have the same problem. If you want to test whether something is delivarable to a host, usegetmxrr
(and it that fails fall back togethostbyname()
).