sanitize_email

Strips out all characters that are not allowable in an email.

Description

(string) sanitize_email( (string) $email ); 

Returns (string)

Filtered email address.

Parameters (1)

0. $email (string)
Email address to filter.

Usage

  1. if ( !function_exists( 'sanitize_email' ) ) { 
  2. require_once ABSPATH . WPINC . '/formatting.php'; 
  3.  
  4. // Email address to filter. 
  5. $email = ''; 
  6.  
  7. // NOTICE! Understand what this does before running. 
  8. $result = sanitize_email($email); 
  9.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/formatting.php  
  1. function sanitize_email( $email ) { 
  2. // Test for the minimum length the email can be 
  3. if ( strlen( $email ) < 3 ) { 
  4. /** 
  5. * Filters a sanitized email address. 
  6. * This filter is evaluated under several contexts, including 'email_too_short',  
  7. * 'email_no_at', 'local_invalid_chars', 'domain_period_sequence', 'domain_period_limits',  
  8. * 'domain_no_periods', 'domain_no_valid_subs', or no context. 
  9. * @since 2.8.0 
  10. * @param string $email The sanitized email address. 
  11. * @param string $email The email address, as provided to sanitize_email(). 
  12. * @param string $message A message to pass to the user. 
  13. */ 
  14. return apply_filters( 'sanitize_email', '', $email, 'email_too_short' ); 
  15.  
  16. // Test for an @ character after the first position 
  17. if ( strpos( $email, '@', 1 ) === false ) { 
  18. /** This filter is documented in wp-includes/formatting.php */ 
  19. return apply_filters( 'sanitize_email', '', $email, 'email_no_at' ); 
  20.  
  21. // Split out the local and domain parts 
  22. list( $local, $domain ) = explode( '@', $email, 2 ); 
  23.  
  24. // LOCAL PART 
  25. // Test for invalid characters 
  26. $local = preg_replace( '/[^a-zA-Z0-9!#$%&\'*+\/=?^_`{|}~\.-]/', '', $local ); 
  27. if ( '' === $local ) { 
  28. /** This filter is documented in wp-includes/formatting.php */ 
  29. return apply_filters( 'sanitize_email', '', $email, 'local_invalid_chars' ); 
  30.  
  31. // DOMAIN PART 
  32. // Test for sequences of periods 
  33. $domain = preg_replace( '/\.{2, }/', '', $domain ); 
  34. if ( '' === $domain ) { 
  35. /** This filter is documented in wp-includes/formatting.php */ 
  36. return apply_filters( 'sanitize_email', '', $email, 'domain_period_sequence' ); 
  37.  
  38. // Test for leading and trailing periods and whitespace 
  39. $domain = trim( $domain, " \t\n\r\0\x0B." ); 
  40. if ( '' === $domain ) { 
  41. /** This filter is documented in wp-includes/formatting.php */ 
  42. return apply_filters( 'sanitize_email', '', $email, 'domain_period_limits' ); 
  43.  
  44. // Split the domain into subs 
  45. $subs = explode( '.', $domain ); 
  46.  
  47. // Assume the domain will have at least two subs 
  48. if ( 2 > count( $subs ) ) { 
  49. /** This filter is documented in wp-includes/formatting.php */ 
  50. return apply_filters( 'sanitize_email', '', $email, 'domain_no_periods' ); 
  51.  
  52. // Create an array that will contain valid subs 
  53. $new_subs = array(); 
  54.  
  55. // Loop through each sub 
  56. foreach ( $subs as $sub ) { 
  57. // Test for leading and trailing hyphens 
  58. $sub = trim( $sub, " \t\n\r\0\x0B-" ); 
  59.  
  60. // Test for invalid characters 
  61. $sub = preg_replace( '/[^a-z0-9-]+/i', '', $sub ); 
  62.  
  63. // If there's anything left, add it to the valid subs 
  64. if ( '' !== $sub ) { 
  65. $new_subs[] = $sub; 
  66.  
  67. // If there aren't 2 or more valid subs 
  68. if ( 2 > count( $new_subs ) ) { 
  69. /** This filter is documented in wp-includes/formatting.php */ 
  70. return apply_filters( 'sanitize_email', '', $email, 'domain_no_valid_subs' ); 
  71.  
  72. // Join valid subs into the new domain 
  73. $domain = join( '.', $new_subs ); 
  74.  
  75. // Put the email back together 
  76. $email = $local . '@' . $domain; 
  77.  
  78. // Congratulations your email made it! 
  79. /** This filter is documented in wp-includes/formatting.php */ 
  80. return apply_filters( 'sanitize_email', $email, $email, null );