ZF-11451: Zend Validate fails to validate emails with dot at the end

Issue Type: Bug Created: 2011-06-07T14:58:03.000+0000 Last Updated: 2011-08-25T20:29:33.000+0000 Status: Resolved Fix version(s): - 1.11.8 (07/Jul/11)

  • Next Major Release ()

Reporter: Fernando Morgenstern (fernandomm) Assignee: Thomas Weidner (thomas) Tags: - Zend_Validate

Related issues: - ZF-11222

Attachments: - ZF-11451.patch


Zend_Validate_EmailAddress fails to validate emails with a dot at the end.


<pre class="highlight">$validate = new Zend_Validate_EmailAddress();
var_dump($validate->isValid('')); // Returns true, should be false

This seems like a bug that was recently introduced since i tested on version 1.10.5 and it works ok, returns false as expected.


Posted by Adam Lundrigan (adamlundrigan) on 2011-06-07T15:24:25.000+0000

My guess is that it was introduced in 1.11.2 with ZF-6363, which corrected the URI validator to accept a URI with a trailing period as valid. Since Zend_Validate_EmailAddress uses Zend_Validate_Hostname for host part validation by default, URIs with trailing dots then became valid email addresses.

RFC-2822 (S3.4 - Address Specification) does not permit email addresses to have a trailing dot in the domain part, so IMO the current behavior is incorrect.

Posted by Adam Lundrigan (adamlundrigan) on 2011-06-07T15:34:50.000+0000

Reproduce test case:

<pre class="highlight">
 * @group ZF-11222
 * @group ZF-11451
public function testEmailAddressesWithTrailingDotInHostPartAreRejected()

Test fails until this modification is made to Zend_Validate_EmailAddress:

<pre class="highlight">
Index: library/Zend/Validate/EmailAddress.php
--- library/Zend/Validate/EmailAddress.php      (revision 24123)
+++ library/Zend/Validate/EmailAddress.php      (working copy)
@@ -527,8 +527,9 @@

         // Split email address up and disallow '..'
+        // and disallow addresses ending with a '.'
         if ((strpos($value, '..') !== false) or
-            (!preg_match('/^(.+)@([^@]+)$/', $value, $matches))) {
+            (!preg_match('/^(.+)@([^@]+[^.])$/', $value, $matches))) {
             return false;

Then all email-related tests in Zend_Validate test suite pass.

Posted by Adam Lundrigan (adamlundrigan) on 2011-06-07T15:53:58.000+0000

Fixed in trunk r24124

Posted by Adam Lundrigan (adamlundrigan) on 2011-06-07T16:13:37.000+0000

Merged to release-1.11 in r24125

Posted by Thomas Weidner (thomas) on 2011-07-13T08:45:33.000+0000

Please note that for hostnames (the ending part of an email adress) an ending dot is a valid adress according to RFC.

BUT: Only for local adresses, not for DNS names.

Posted by Thomas Weidner (thomas) on 2011-07-27T17:57:26.000+0000

Adam: Your fix is bogus. When an individual hostname validator is used within the email validator then emails get now validated as fails even if they are correct.

Note that for local hostnames a ending dot is allowed according to RFC as also for emails from a local domain.

See GH-229 for the correct implementation. Your tests pass this change without touching the Email validator.

Please backport this fix to ZF1 to fix this bug and remove your changes from the Email validator.

Posted by Adam Lundrigan (adamlundrigan) on 2011-07-30T01:32:32.000+0000

Reverted r24125 and r24124 from SVN repo in r24304 and r24305, respectively.

Posted by Adam Lundrigan (adamlundrigan) on 2011-07-30T02:01:05.000+0000

Issue will be fixed once backporting of GH-229 is completed (see ZF-6363)

Posted by Thomas Weidner (thomas) on 2011-08-25T20:29:33.000+0000

Fixed in ZF2 with GH-279

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.