What's wrong with this code, part 8 - Email Address Validation
It's time for another "What's wrong with this code".
Today's example is really simple, and hopefully easy. It's a snippet of code I picked up from the net that's intended to validate an email address (useful for helping to avoid SQL injection attacks, for example).
/// <summary> /// Validate an email address provided by the caller. /// /// Taken from https://www.codeproject.com/aspnet/Valid_Email_Addresses.asp /// </summary> public static bool ValidateEmailAddress(string emailAddress) { string strRegex = @"^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}" + @"\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\" + @".)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$"; System.Text.RegularExpressions.Regex re = new System.Text.RegularExpressions.Regex(strRegex); if (re.IsMatch(emailAddress)) return (true); else return (false); }
As always, my next post (Monday) will include the answers and kudos to all those who got it right (and who f