WingNews logo WingNews
top | item 31093206

(no title)

coolhoody | 3 years ago

This won't be popular, but:

1. An experienced dev just killed 54k stars on GitHub due to pressing a button in an auto-pilot mode. Do you think a Joe High who wants to give you $100 won't ever type '2' instead of '@'? What about an old lady? Or someone with physical difficulties? Have you personally ever made a typo in an email?

2. That code in the article is not color highlighted (rainbowed for Regex) or formatted properly. If I write something in any language in one line without highlighting — it'd look unreadable as well.

3. A Regex for this specific purpose is write-once-and-forget. You won't need to edit it for 20 years.

4. Regex — for practical tasks — is way easier than it's being painted. Not easy — just not as hard as some suggest.

5. I'm not a Regex fanboy (nobody is).

discuss

order

goto11|3 years ago

Sure, but the most common typos would just result in a wrong address which is still syntactically valid. That is why the address should be verified by sending an actual mail for important stuff. This is also the only way to protect against fake addresses, since anyone can come up with a fake address which is still syntactically valid.

I do like to check for '@' to enure the user have not entered their name or something by mistake, but beyond that the syntactic validation does not provide any value.

Cthulhu_|3 years ago

Simple validation is easy enough to implement and will cover 99% of cases. For the rest you use verification, have the user activate their account before doing anything.

Which is a pet peeve of mine; I've got an older e-mail address that probably ended up on some list, now there's people from Thailand and the UAE registering accounts using that e-mail address. Now while my account is still secure (2FA, long password, the works), it doesn't stop people from using it. Services like this one webshop and Deezer and probably a few others do not wait for e-mail verification before allowing users to place orders or use their service, or at least the free trial part of it.

sverhagen|3 years ago

Agreed. And while I wouldn't attempt creating a regex for email addresses -- if I really felt I needed that, I think that's what libraries are for, not my job -- I have used plenty of regexes in useful and successful ways. I wanted to really add to your "you won't need to edit it for 20 years" comment that the regex should also be anchored with a unit test, that demonstrates the usages you designed for (and maybe a few negative tests to show what you specifically didn't intend to solve).

simion314|3 years ago

>You won't need to edit it for 20 years

I won't bet my life on it but probably some other sucker will have to fix it. This happened to me where I found a regex that was validating urls was incorrect after urls were allowed to contain unicode stuff (I do not remember the details just that we had an url from a customer that contained arabic looking characters)

IMO the language standard library should include this stuff of validating stuff to avoid developers copy pasting dubious quality regex from Stack Overflow

turminal|3 years ago

> 5. I'm not a Regex fanboy (nobody is).

I am :)

carlmr|3 years ago

Me, too! They can be complex or wrong, but just as often they're a decently simple way that every programmer understands to check something.