Check if a string is an email address in PHP

I am trying to do an SQL query, but I need to check somehow if the value is an email address. I need a way to check if $user is an email address, because I have user values such as this in my table.

test
test2
test@example.com
[email protected]
test392
test@example.net

and so on...

I need to make it so $useremail checks $user to find if it's an email address. So I can UPDATE the values, WHERE user=test OR [email protected], etc.

$user = strtolower($olduser);
$useremail = "";

mysql_query("UPDATE _$setprofile SET user=$sn, fc=$fc WHERE user='$user' OR user='$useremail");

Without regular expressions:

<?php
    if(filter_var("[email protected]", FILTER_VALIDATE_EMAIL)) {
        // valid address
    }
    else {
        // invalid address
    }
?>

if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
	echo 'This is a valid email address.';
	echo filter_var($email, FILTER_VALIDATE_EMAIL);
    //exit("E-mail is not valid");
}
else
{
	echo 'Invalid email address.';
} 

This is not a great method and doesn't check if the email exists but it checks if it looks like an email with the @ and domain extension.

function checkEmail($email) {
   $find1 = strpos($email, '@');
   $find2 = strpos($email, '.');
   return ($find1 !== false && $find2 !== false && $find2 > $find1);
}

$email = '[email protected]';
if ( checkEmail($email) ) {
   echo $email . ' looks like a valid email address.';
}

The simplest approach is to use a regular expression to check email addresses, although there's some disagreement about how accurate this can be. This process is discussed in detail here:

https://stackoverflow.com/questions/201323/what-is-the-best-regular-expression-for-validating-email-addresses

You can use REGEXP in MySQL to select from the database based on your regular expression:

http://dev.mysql.com/doc/refman/5.1/en/regexp.html

This function is_email() will give you an definite answer to whether the string is a valid email address or not. As far as I know, no other solution will do this with the same level of authority.

If I understand the example correctly, you would use it like this

$user = strtolower($olduser);
$useremail = (is_email($user)) ? $user : '';

The PHP built-in function is incomplete. I'm the principle author of is_email() so I'm blowing my own trumpet here, but I've put a lot of work into this in order that nobody else should have to ever again.

You can use regular expressions to validate your input string to see if it matches an email address:

<?php 
$email = "[email protected]"; 
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { 
  echo "Valid email address."; 
} 
else { 
  echo "Invalid email address."; 
} 
?>

From: http://www.totallyphp.co.uk/code/validate_an_email_address_using_regular_expressions.htm

EDIT: for more accurate expressions, please refer to Travis answer on this question

I've been using this function for many years across hundreds of sites. It's probably not perfect, but i've never had a complaint of false negatives (or positives):

function validate_email($email) {
	return (preg_match("/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/", $email) || !preg_match("/^.+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$/", $email)) ? false : true;
}

Apart from all regex suggestions which mostly doesn't support all of the available TLD's (including for example .info and .museum) and the upcoming ICANN decision to allow Chinese and Arabic in URL's (which would let [a-z] and \w fail) for which the following more generic regex is sufficient

([^.@]+)(\.[^.@]+)*@([^.@]+\.)+([^.@]+)

I would also mention that doing a WHERE user=test OR [email protected] is too error prone. Better use an autogenerated PK in the table and use it in the WHERE clause.

I don't really see the value of strict, long and unreadable mailregexes conforming the RFCxxxx specs. Best way is still to send a mail with a link with an activation key to the end user to let it confirm the mail address. Inform that in the form as well. If necessary let the user type the email address twice like you do for passwords.

Since everybody is posting their regular expression, here's mine: ^((([\w+-]+)(.[\w+-]+)*)|("[^(\|")]{0,62}"))@(([a-zA-Z0-9-]+.)+([a-zA-Z0-9]{2,})|[?([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})(.([1]?\d{1,2}|2[0-4]{1}\d{1}|25[0-5]{1})){3}]?)$

To the best of my knowledge, it supports everything in the RFC specification, including a lot of things that most people don't usually include.

$email = "[email protected]";

function isEmail($email) {
     if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
          return true
     } else {
          return false
     }
}

if (isEmail($user_email)) {
     // email is valid, run the query
     mysql_query("UPDATE _$setprofile SET user=$sn, fc=$fc WHERE user='$user' OR user='$user_email");
}

$user_email = "email@gmailcom";

function isEmail($email) {
     if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
          return true;
     } else {
          return false;
     }
}

if (isEmail($user_email)) {
     // email is ok!
} else {
     // email not ok
}