CodeSOD: Where You At?

Validating email addresses according to the actual email specification is more complicated than you usually think. Most homebrew validation tends to just get something that's relatively close, because hitting all the rules requires some fancy regex work. And honestly, for most applications, "pretty close to correct" is probably fine. If you actually care about collecting valid email addresses, you'll need to actually send mail to the address and have the user confirm receipt to "prove" that the email address is real, valid, and actually accessible.

Still, some "close enough" solutions are better than others. Jon found this C# code:

public bool EmailIsValid(String email) { //Set defaults bool isValid = false; //Check email if (email.Contains("@") == true) { if (email.Contains(".") == true) { isValid = true; } } //Return return isValid; }

In terms of overall style, this is one of those functions that seems written to hit all the things that annoy me to see in code, except nested ternaries. Checking if boolean functions == true. Nesting conditions. Adding intermediate variables that don't need to be there. The entire thing could be compressed into email.Contains("@") && email.Contains("."). It'd still be wrong, but at least it'd be readable.

In any case, while I tend to be forgiving of mildly incorrect email address validation, this one misses a lot of cases. A lot. And if you think it's not a WTF, then you can contact me at my new email address, @. and share your opinion.

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.

This post originally appeared on The Daily WTF.

Comments are closed.