Closed Gerych1984 closed 7 months ago
Could be. Likely that's because native functions are too strict but I don't remember the reason for regex.
Because native functions work incorrectly in same edge cases.
For example:
$value = '"attacker\"\ -oQ/tmp/\ -X/var/www/cache/phpcode.php"@email.com';
filter_var($value, FILTER_VALIDATE_EMAIL) !== false; // Valid, but really it's invalid.
$value = '020';
filter_var($value, FILTER_VALIDATE_INT) !== false; // Invalid, but really it's correct integer number.
$value = 'http://example.com:?test';
filter_var($value, FILTER_VALIDATE_URL) !== false; // Valid, but really it's invalid.
Good day. I have a question that has been lingering since version 2 - why url/email/numeric validators use own regulars instead of native functions? It seems that their built in functionality is enough to cover the validator's needs. Thanks