PHP’s built-in validation/sanitation … who knew?

So apparently PHP has built-in validation/sanitation? How come nobody ever told me?! And why are so many people writing email validation regex? Find a sample email validation in the PHP docs.

That being said, the built-in validation isn’t perfect. Run the outlier cases cited in Phil Haack’s email RFC article to see the few instances where PHP fails. Are you likely to run into these outliers in the wild? No, but it’d still be nice to have completely accurate validation. We may not produce perfect code, but we should at least strive for that.

You can test PHP’s built-in validation on functions-online. Compare how it does against Cal Henderson’s RFC822 Email Address Parser.