|
dave Stuttard - 2009-09-04 12:02:13
Hi, thanks for giving us this class; it clearly does a lot more than just calling GetMXRR or checkdnsrr, as appropriate. I did notice that all Yahoo servers (ymail.com, yahoo.com, yahoo.co.uk, rocketmail.com) respond badly, eg with several attempts and accepting bogus 'users', but all others, eg gmail, work very well. It is useful for manually checking individual email addresses, but for me an adaption for automatic checking in forms would be very useful.
I'm not very clever with php coding yet; is there an easy way to reject an email entered in a form (and display a message) for either a 'failed to validate' or a 'not a valid email'. A section in one of my forms (which works fine, except sometimes accepts bogus users) is currently:
if ($submitting)
{
list($username,$hostname) = split("@",$email);
if ( (empty($username)) or (empty($hostname)) ) {$msg = "Please enter a valid email address";}
elseif(!checkdnsrr($hostname)){$msg = "Please enter a valid email address";}
elseif (empty($name)){$msg = "Please enter your name";}
elseif (empty($subject)){$msg = "Please enter a subject";}
elseif (empty($message)){$msg = "Please enter a message";}
elseif (isset($_SESSION['captcha_keystring']) && $_SESSION['captcha_keystring'] == $_POST['keystring'])
{
Just need to call your class somehow (where and instead of !checkdnsrr here)
Regards, Dave
Manuel Lemos - 2009-09-04 21:26:53 - In reply to message 1 from dave Stuttard
Unfortunately there is no solution for that because many e-mail servers accept messages for bogus users to only bounce them later.
This class helps minimizing typing mistakes, but the definite solution to validate the e-mail address of an user is to send a double opt-in message with a the URL of a page that the user must visit to validate his registration.
You need to create a secret token passed in the link URL as a parameter. Store that token in the user record database table for posterior verification when the user visits the verification page.
That is what is used in the PHPClasses site registration.
dave Stuttard - 2009-09-05 09:07:45 - In reply to message 2 from Manuel Lemos
Thanks Manuel
(Exploring potential applications for this class) I just wanted to note that it does not work with some email servers (for the reason you explained) and to ask if I can call it in a contact form (not a registration form, for which, as you say, the best solution is to use a double opt in). NB: It does seem to work better than my current simple method using checkdnsrr (on PHP 4.4.6).
Alternatively, would it be more appropriate for me to just use your getmxrr.php (with DNS.php)?
Manuel Lemos - 2009-09-05 20:45:30 - In reply to message 3 from dave Stuttard
No, as I told you there is no way to know if an address is valid if messages sent to it will only be bounced later.
Think of this solution as a better than nothing way to catch some invalid addresses. To definitely validate any addresses, use the double opt-in validation solution that I mentioned above.
dave Stuttard - 2009-09-12 15:59:58 - In reply to message 4 from Manuel Lemos
Thanks. I know it's not perfect, but it is better than what I had before (it only fails for Yahoo-based addresses so far, but it works good for gmail, mac, sky, aol and msn). I therefore offer the following to use it for email validation in a contact form (for which a double opt-in is not appropriate):
require("email_validation.php");
$validator=new email_validation_class;
if(($result=$validator->ValidateEmailBox($email))==0) {$msg = "oops! Your Email is missing or invalid. Please try again.";}
|