EmailValidator.php 8.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217
  1. <?php
  2. /**
  3. * @link https://www.yiiframework.com/
  4. * @copyright Copyright (c) 2008 Yii Software LLC
  5. * @license https://www.yiiframework.com/license/
  6. */
  7. namespace yii\validators;
  8. use Yii;
  9. use yii\base\ErrorException;
  10. use yii\base\InvalidConfigException;
  11. use yii\helpers\Json;
  12. use yii\web\JsExpression;
  13. /**
  14. * EmailValidator validates that the attribute value is a valid email address.
  15. *
  16. * @author Qiang Xue <qiang.xue@gmail.com>
  17. * @since 2.0
  18. */
  19. class EmailValidator extends Validator
  20. {
  21. /**
  22. * @var string the regular expression used to validate the attribute value.
  23. * @see https://www.regular-expressions.info/email.html
  24. */
  25. public $pattern = '/^[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+)*@(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$/';
  26. /**
  27. * @var string the regular expression used to validate email addresses with the name part.
  28. * This property is used only when [[allowName]] is true.
  29. * @see allowName
  30. */
  31. public $fullPattern = '/^[^@]*<[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+)*@(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?>$/';
  32. /**
  33. * @var string the regular expression used to validate the part before the @ symbol, used if ASCII conversion fails to validate the address.
  34. * @see https://www.regular-expressions.info/email.html
  35. * @since 2.0.42
  36. */
  37. public $patternASCII = '/^[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+)*$/';
  38. /**
  39. * @var string the regular expression used to validate email addresses with the name part before the @ symbol, used if ASCII conversion fails to validate the address.
  40. * This property is used only when [[allowName]] is true.
  41. * @see allowName
  42. * @since 2.0.42
  43. */
  44. public $fullPatternASCII = '/^[^@]*<[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&\'*+\\/=?^_`{|}~-]+)*$/';
  45. /**
  46. * @var bool whether to allow name in the email address (e.g. "John Smith <john.smith@example.com>"). Defaults to false.
  47. * @see fullPattern
  48. */
  49. public $allowName = false;
  50. /**
  51. * @var bool whether to check whether the email's domain exists and has either an A or MX record.
  52. * Be aware that this check can fail due to temporary DNS problems even if the email address is
  53. * valid and an email would be deliverable. Defaults to false.
  54. */
  55. public $checkDNS = false;
  56. /**
  57. * @var bool whether validation process should take into account IDN (internationalized domain
  58. * names). Defaults to false meaning that validation of emails containing IDN will always fail.
  59. * Note that in order to use IDN validation you have to install and enable `intl` PHP extension,
  60. * otherwise an exception would be thrown.
  61. */
  62. public $enableIDN = false;
  63. /**
  64. * @var bool whether [[enableIDN]] should apply to the local part of the email (left side
  65. * of the `@`). Only applies if [[enableIDN]] is `true`.
  66. * @since 2.0.43
  67. */
  68. public $enableLocalIDN = true;
  69. /**
  70. * {@inheritdoc}
  71. */
  72. public function init()
  73. {
  74. parent::init();
  75. if ($this->enableIDN && !function_exists('idn_to_ascii')) {
  76. throw new InvalidConfigException('In order to use IDN validation intl extension must be installed and enabled.');
  77. }
  78. if ($this->message === null) {
  79. $this->message = Yii::t('yii', '{attribute} is not a valid email address.');
  80. }
  81. }
  82. /**
  83. * {@inheritdoc}
  84. */
  85. protected function validateValue($value)
  86. {
  87. if (!is_string($value)) {
  88. $valid = false;
  89. } elseif (!preg_match('/^(?P<name>(?:"?([^"]*)"?\s)?)(?:\s+)?(?:(?P<open><?)((?P<local>.+)@(?P<domain>[^>]+))(?P<close>>?))$/i', $value, $matches)) {
  90. $valid = false;
  91. } else {
  92. if ($this->enableIDN) {
  93. if ($this->enableLocalIDN) {
  94. $matches['local'] = $this->idnToAsciiWithFallback($matches['local']);
  95. }
  96. $matches['domain'] = $this->idnToAscii($matches['domain']);
  97. $value = $matches['name'] . $matches['open'] . $matches['local'] . '@' . $matches['domain'] . $matches['close'];
  98. }
  99. if (strlen($matches['local']) > 64) {
  100. // The maximum total length of a user name or other local-part is 64 octets. RFC 5322 section 4.5.3.1.1
  101. // https://datatracker.ietf.org/doc/html/rfc5321#section-4.5.3.1.1
  102. $valid = false;
  103. } elseif (strlen($matches['local'] . '@' . $matches['domain']) > 254) {
  104. // There is a restriction in RFC 2821 on the length of an address in MAIL and RCPT commands
  105. // of 254 characters. Since addresses that do not fit in those fields are not normally useful, the
  106. // upper limit on address lengths should normally be considered to be 254.
  107. //
  108. // Dominic Sayers, RFC 3696 erratum 1690
  109. // https://www.rfc-editor.org/errata_search.php?eid=1690
  110. $valid = false;
  111. } else {
  112. $valid = preg_match($this->pattern, $value) || ($this->allowName && preg_match($this->fullPattern, $value));
  113. if ($valid && $this->checkDNS) {
  114. $valid = $this->isDNSValid($matches['domain']);
  115. }
  116. }
  117. }
  118. return $valid ? null : [$this->message, []];
  119. }
  120. /**
  121. * @param string $domain
  122. * @return bool if DNS records for domain are valid
  123. * @see https://github.com/yiisoft/yii2/issues/17083
  124. */
  125. protected function isDNSValid($domain)
  126. {
  127. return $this->hasDNSRecord($domain, true) || $this->hasDNSRecord($domain, false);
  128. }
  129. private function hasDNSRecord($domain, $isMX)
  130. {
  131. $normalizedDomain = $domain . '.';
  132. if (!checkdnsrr($normalizedDomain, ($isMX ? 'MX' : 'A'))) {
  133. return false;
  134. }
  135. try {
  136. // dns_get_record can return false and emit Warning that may or may not be converted to ErrorException
  137. $records = dns_get_record($normalizedDomain, ($isMX ? DNS_MX : DNS_A));
  138. } catch (ErrorException $exception) {
  139. return false;
  140. }
  141. return !empty($records);
  142. }
  143. private function idnToAscii($idn)
  144. {
  145. if (PHP_VERSION_ID < 50600) {
  146. // TODO: drop old PHP versions support
  147. return idn_to_ascii($idn);
  148. }
  149. return idn_to_ascii($idn, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46);
  150. }
  151. /**
  152. * {@inheritdoc}
  153. */
  154. public function clientValidateAttribute($model, $attribute, $view)
  155. {
  156. ValidationAsset::register($view);
  157. if ($this->enableIDN) {
  158. PunycodeAsset::register($view);
  159. }
  160. $options = $this->getClientOptions($model, $attribute);
  161. return 'yii.validation.email(value, messages, ' . Json::htmlEncode($options) . ');';
  162. }
  163. /**
  164. * {@inheritdoc}
  165. */
  166. public function getClientOptions($model, $attribute)
  167. {
  168. $options = [
  169. 'pattern' => new JsExpression($this->pattern),
  170. 'fullPattern' => new JsExpression($this->fullPattern),
  171. 'allowName' => $this->allowName,
  172. 'message' => $this->formatMessage($this->message, [
  173. 'attribute' => $model->getAttributeLabel($attribute),
  174. ]),
  175. 'enableIDN' => (bool) $this->enableIDN,
  176. ];
  177. if ($this->skipOnEmpty) {
  178. $options['skipOnEmpty'] = 1;
  179. }
  180. return $options;
  181. }
  182. /**
  183. * @param string $value
  184. * @return string|bool returns string if it is valid and/or can be converted, bool false if it can't be converted and/or is invalid
  185. * @see https://github.com/yiisoft/yii2/issues/18585
  186. */
  187. private function idnToAsciiWithFallback($value)
  188. {
  189. $ascii = $this->idnToAscii($value);
  190. if ($ascii === false) {
  191. if (preg_match($this->patternASCII, $value) || ($this->allowName && preg_match($this->fullPatternASCII, $value))) {
  192. return $value;
  193. }
  194. }
  195. return $ascii;
  196. }
  197. }