Emailvalidator allows invalid emails

[sdm]

The Kauri forms emailvalidator allows invalid emails.
The following example is accepted as a valid emailaddress:

sdf@…@sdf....sdfsdf----+++564|@@@@99;;;;;

The only emailaddresses that are considered invalid are the ones that don't have an at-character (@) nor a dot-character (.)

[mpo]

Can you provide a test-case for this? (or extend the tests for email-validation if those should exist already, haven't checked now)

And then maybe list some more essential samples you want to have validated correctly.

I vaguely remember grabbing some rather complete email regex for this from the web, if anyone finds a more suitable one, I'm all ears.

[mpo]

added tests in r1888
cannot reproduce the described behaviour

[sdm]

I haven't had time yet to provide a testcase that proves my claims, but you can easily see the problem if you copy-paste my invalid email sample into the emailfield of the basic-controls1.html form in the kauri-forms-sample.

I've noticed that sometimes invalid emails are correctly validated as invalid, but I'm not sure why they're mostly considered as valid.

[mpo]

screenshot test result

[mpo]

Testing some more as you can see in the recent attachment.
Found that ffx does show the problem and adds a warning on the js console:

The 'charCode' property of a keyup event should not be used. The value is meaningless.

Dunno if it is related but this should at least give some info to work on.

In any case: the added tests in r1888 DO work ok on firefox as well, so at least the problem doesn't seem to originate in the validator itself.

[svr]

Just tested this issue and I must say I got the same problem. sdf@…@sdf....sdfsdf----+++564|@@@@99;;;;; gets through... But I don't see any errors/warnings (well, I see only CSS warnings but that's something different)

Tested on FF 3.6.16 and Chrome 10 on a Ubuntu install.

I've tried to build the r1888 with the tests and didn't get failures. But for the unit tests I see only Mozilla 1.8 and IE6 are tested. Am I correct?

Also the test contains "sdf@…@sdf....sdfsdf----+++564|@@@@99;;;;;" (which gets validated correctly on my browser) instead of the given "sdf@…@sdf....sdfsdf----+++564|@@@@99;;;;;" (which doesn't validate correctly). Trac somehow shortens that strings (see the ... char) so it's probably better to copy it from the mailing list...

Both strings do work in the unit test though... Probably because only Mozilla 1.8 is used instead of FF3?

[mpo]

Ah finally some light in this misty case:

This is an issue with the validator and in fact the nested regexp after all.
It all depends on what you test...

fails:

sdf@sdf.dsf@sdf....sdfsdf----+++564|@@@@99;;;;;

works:

sdf@…@sdf....sdfsdf----+++564|@@@@99;;;;;

Apparently some copy paste from trac (that also thinks this is an email address) got me on the wrong foot. Advise: use { { { preformatted text } } } in the issues.

Anyway: I we can agree that the claim that anything with . and @ will pass is invalid, right?

At least we have something to work with now, and this is the regexp to fix:
(from basic-validators.js)

// email regex from - http://www.regular-expressions.info/email.html
var EMAIL_REGEX = /[a-z0-9!#$%&\'*+\/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&\'*+\/=?^_\`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/i;

[mpo]

For completeness: some extra tests on this behaviour got held back in a bigger commit that upgrades qunit.

See r1896 >> file test-basic-validators.js

http://dev.outerthought.org/trac/outerthought_kauri/changeset/1896#file4

[sdm]

Fixed in r1889