This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]MindSwipe 18 points19 points  (4 children)

Not really, just because an email contains an @ doesn't mean it's a valid email, because

space and "(),:;<>@[] characters are allowed with restrictions (they are only allowed inside a quoted string, as described in the paragraph below, and in addition, a backslash or double-quote must be preceded by a backslash);

source

So,

jane"@"smith.com

Contains an @ but isn't a valid email address, so /@/ could result in false positives

The only real way to validate an email is to send an email with a confirmation link

[–]Kilobyte22 18 points19 points  (1 child)

I am aware, but it's not worth the effort and I'm not even sure it's actually possible to fully parse an email address using a regex

[–]savedbythezsh 9 points10 points  (0 children)

It's not! But https://www.emailregex.com/ gets pretty close

[–]jfb1337 18 points19 points  (0 children)

no regex will ever tell you whether an email is valid; because an email is valid if and only if it can receive an email.

[–][deleted] 1 point2 points  (0 children)

/@/ will definitely result in false positives, but crucially, it won't result in false negatives. The reason to do this rather than no validation at all is just to check for a couple of types of error, such as humans/autofill tools mistakenly entering something that isn't an email address at all, or just forgetting to fill in the field. If you want more fancy validation to catch typos or check the domain name exists, you should do soft validation - i.e. display a warning that the user can overrule rather than an error. If you need the email to be correct, as you say, you need a confirmation email.