Issues

ZF-11451: Zend Validate fails to validate emails with dot at the end

Description

Zend_Validate_EmailAddress fails to validate emails with a dot at the end.

Example:

$validate = new Zend_Validate_EmailAddress();
var_dump($validate->isValid('example@gmail.com.')); // Returns true, should be false

This seems like a bug that was recently introduced since i tested on version 1.10.5 and it works ok, returns false as expected.

Comments

My guess is that it was introduced in 1.11.2 with ZF-6363, which corrected the URI validator to accept a URI with a trailing period as valid. Since Zend_Validate_EmailAddress uses Zend_Validate_Hostname for host part validation by default, URIs with trailing dots then became valid email addresses.

RFC-2822 (S3.4 - Address Specification) does not permit email addresses to have a trailing dot in the domain part, so IMO the current behavior is incorrect.

Reproduce test case:


/**
 * @group ZF-11222
 * @group ZF-11451
 */
public function testEmailAddressesWithTrailingDotInHostPartAreRejected()
{
    $this->assertFalse($this->_validator->isValid('example@gmail.com.'));
    $this->assertFalse($this->_validator->isValid('test@test.co.'));
    $this->assertFalse($this->_validator->isValid('test@test.co.za.'));
}

Test fails until this modification is made to Zend_Validate_EmailAddress:


Index: library/Zend/Validate/EmailAddress.php
===================================================================
--- library/Zend/Validate/EmailAddress.php      (revision 24123)
+++ library/Zend/Validate/EmailAddress.php      (working copy)
@@ -527,8 +527,9 @@
         $this->_setValue($value);

         // Split email address up and disallow '..'
+        // and disallow addresses ending with a '.'
         if ((strpos($value, '..') !== false) or
-            (!preg_match('/^(.+)@([^@]+)$/', $value, $matches))) {
+            (!preg_match('/^(.+)@([^@]+[^.])$/', $value, $matches))) {
             $this->_error(self::INVALID_FORMAT);
             return false;
         }

Then all email-related tests in Zend_Validate test suite pass.

Fixed in trunk r24124

Merged to release-1.11 in r24125

Please note that for hostnames (the ending part of an email adress) an ending dot is a valid adress according to RFC.

BUT: Only for local adresses, not for DNS names.

Adam: Your fix is bogus. When an individual hostname validator is used within the email validator then emails get now validated as fails even if they are correct.

Note that for local hostnames a ending dot is allowed according to RFC as also for emails from a local domain.

See GH-229 for the correct implementation. Your tests pass this change without touching the Email validator.

Please backport this fix to ZF1 to fix this bug and remove your changes from the Email validator.

Reverted r24125 and r24124 from SVN repo in r24304 and r24305, respectively.

Issue will be fixed once backporting of GH-229 is completed (see ZF-6363)

Fixed in ZF2 with GH-279