Why are people using regexp for email and other complex validation?

Question

There are a number of email regexp questions popping up here, and I\'m honestly baffled why people are using these insanely obtuse matching expressions rather than a very si

Answer 1

The temptation of using RegExp, once you've mastered the basics, is very big. In fact, RegExp seems so powerful that people naturally want to start using it everywhere. I really suspect that there's a lot of psychology involved here, as demonstrated by Randall's XKCD comic (and yes, it is useful).

I've done an introductory presentation on RegExp once and the most important slide warned against its overuse. It was the only slide that used bold font. I believe this should be done more often.

Answer 2

Using regular expressions for this is not a good idea, as has been demonstrated at length in those other posts.

I suppose people keep doing it because they don't know any better or don't care.

Will a parser be any better? Maybe, maybe not.

I maintain that sending a verification e-mail is the best way to validate it. If you want to check anything from JavaScript, then check that it has an '@' sign in there and something before and after it. If you go any stricter than that, you risc running up against some syntax you didn't know about and your validator will become overly restrictive.

Also, be careful with that TLD validation scheme of yours, you might find that you are assuming too much about what is allowed in a TLD.

Answer 3

We're just looking for a fast way to see if the email address is valid so that we can warn the user they have made a mistake or prevent people from entering junk easily. Going off to the mail server and fingering it is slow and unreliable. The only real way to be sure is to get a confirmation email, but the problem is only to give a fast response to the user before the confirmation process takes place. That's why it's not so important to be strictly compliant. Anyway, it's a challenge and it's fun.

Answer 4

and then validates those against the valid characters allowed for name (there's no further check that can be done on this portion)

This is not true. For example, "ben..doom@gmail.com" contains only valid characters in the name section, but is not valid.

In languages that do not have libraries for email validation, I generally use regex becasue

1. I know regex, and find it easy to use
2. I have many friends who know regex, and I can collaborate with
3. It's fast for me to code, and me-time is more expensive than processor-time for most applications
4. For the majority of email addresses, it works.

I'm sure many built-in libraries do use your approach, and if you want to cover all the possibilities, it does get ridiculous. However, so does your parser. The formal spec for email addresses is absurdly complex. So, we use a regex that gets close enough.

Answer 5

People write regular expressions because most developers like so solve a simple problem in the most "cool" en "efficient" way (which means that it should be as unreadable as possible).

In Java, there are libraries to check if a String represents an email address without you having to know anything about regular expressions. These libraries should be available for other languages aswel.

Like Jamie Zawinski said in 1997: "Some people, when confronted with a problem, think "I know, I'll use regular expressions." Now they have two problems."

Answer 6

Regexs that catch most (but not all) common error are relatively easy to setup and deploy. Takes longer to write a custom parser.