It’s Festive Season! Enjoy 30% Off

Use code FESTIVE30 at checkout

Code has been added to clipboard!

Getting the Right Data: Make PHP Validate Emails and URL Addresses

Reading time 3 min
Published Aug 8, 2017
Updated Oct 2, 2019

We learned how to create forms with required fields to retrieve necessary information from users. Now, we must understand how to make sure that input fields are not only filled but whether the information submitted is valid.

PHP form validation is extremely important if developers wish to receive information from users. That is why we will introduce you to the PHP filter_var() function. You will also get familiar with PHP preg match function and learn to PHP validate email addresses, URL addresses, and nicknames.

PHP Validate Email, URL and Nickname: Main Tips

  • With PHP functions for validation of forms you can check e-mail and URL fields to make sure the input is valid.
  • This is crucial to any contact form where you require an email input or a link.
  • By using PHP preg_match() function, you can check whether a string holds a specific pattern.

Ways to Confirm Nickname

The example below reveals a way to check whether the field contains only letters and whitespace. If the input doesn't meet our conditions, an error message will be displayed:

Example
if (empty($_POST["name"])) {
  $name_error = "Nickname missing."; 
} else {
 $name = proc_input($_POST["name"]);
  // check if name doesn't contain unwanted characters
  if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
    $name_error = "Letters and spaces only.";
  } 
}

Note: PHP preg match is a function used for searching strings for patterns. It will return true in case the pattern you're looking for exists, and false otherwise.

Validation of Email Explained

When you use a PHP form to collect contact data, it is crucial to PHP validate email addresses. If this validation process is disregarded and skipped, you might end up with a bunch of addresses you can't use.

One of the best ways to PHP validate email input field is to use filter_var(). If the input doesn't meet set conditions, an error message will be displayed:

Example
if (empty($_POST["email"])) {
  $email_error = "Email missing.";
} else {
  $email = test_input($_POST["email"]);
  // check e-mail pattern
  if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    $email_error = "Email invalid."; 
  }
}

One more function you can use to make PHP validate email address is filter_validate_email. However, this option is not always as reliable as you would like it to be.

Theory is great, but we recommend digging deeper!

How URL Is Validated

By using the code in the example below, we can check if the input contains a valid URL address. Notice how dashes (/) are allowed in this case. If the input doesn't meet our conditions, an error message will be displayed.

See a simple example to get a better understanding of PHP URL validation:

Example
if (empty($_POST["website"])) {
  $website = "";
} else {
  $website = test_input($_POST["website"]);
  // check syntax of the URL (dashes allowed)
  if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
    $website_error = "URL Invalid.";
  }
}

Final Script

Let's view the final script of a PHP form validation. The code below includes validation of all three types of input: email addresses, URLs, and nicknames. Note how PHP preg match function is used to search for patterns in particular strings:

Example
<?php
  // Defining variables
  $nickname_error = $email_error = $website_error = "";
  $nickname = $email = $feedback = $website = "";
  if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (empty($_POST["name"])) {
      $name_error = "Nickname missing.";
    }
  } else {
    $name = proc_input($_POST["name"]);
    // check if name doesn't contain unwanted characters
    if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
      $name_error = "Letters and spaces only.";
    }
  }
  if (empty($_POST["email"])) {
    $email_error = "Email missing.";
  } else {
    $email = proc_input($_POST["email"]);
    // check e-mail pattern
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
      $email_error = "Email invalid."; 
    } 
  }
  if (empty($_POST["website"])) {
    $website = "";
  } else {
    $website = proc_input($_POST["website"]);
    // check syntax of the URL (dashes allowed)
    if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)) {
      $website_error = "URL Invalid.";
    }
  }
  if (empty($_POST["feedback"])) {
      $feedback = "";
  } else {
    $feedback = proc_input($_POST["feedback"]);
  }
?>

PHP Validate Email, URL and Nickname: Summary

  • Making PHP validate e-mail and URL fields in your forms guarantees that the submitted details are correct.
  • Without performing validation, you might not be able to collect crucial data like contact information.
  • PHP preg match function is used to check if a specific pattern can be found in a particular string.
  • While filter_validate_email is precisely meant to make PHP validate emails, it does not always produce expected results.