Name Validation Regex for People’s Names

Q: Have you ever been unable to type your name correctly into a website form, because their validation didn’t like your names’ “special” characters? I need some data for a project. Just reply to this tweet with your name, like so

givenName=”andrew”
surname=”woods”

#webdev

Source: My Tweet

I didn’t receive as many responses with name data as I hoped. So, in the mean time, I’ll have to create some test data for some permutations that I know I want to test for. My plan is to start with that, and adapt as hopefully more people contribute name examples. A couple of people did refer me to an article about assumptions that developers make about people’s names. It’s worth reading over it. At some point, you have to make decisions to be able to write your code. As you get data, update your code to handle it. We all start somewhere. If you have a customer support team, ask them for data about customer issues dealing with name problems.

Validation Is Necessary

Validation is a necessary process in processing data, especially when collecting data from an unknown source. We want prevent bad data from entering our system. Spam-bots are a huge problem on the web. There’s also the problem of people deliberately trying to hack our system by injecting SQL. So validation needs to be done. I’ve been looking into how to improve upon what people do to handle name data. Using of regular expressions isn’t the problem. It’s developers not making the most of their capabilities.

In this article, we’ll walk through the process of building up a regular expression, and discuss the various decision points along the way. This should help you adapt the name validation regex to meet your specific needs.

Prerequisites

• First and last names can be processed separately
• No restrictions on length

Separate Processing

Some people think having a single name field is the best strategy. That might be true from an cultural/anthropological perspective. However, I’d argue that many systems have separate fields for first name and last name. We need to work with certain constraints and to prioritize our efforts accordingly. By the way, first name and last name are terrible terms. It’s better to refer to them as given name and surname, respectively. The term family name is also a good substitute for last name. Only in America do we think it’s perfectly normal to say stupid shit like write you last name first. WTF?! but I digress …

So, as I was saying, most systems have separate fields for given name and family name. Since they’re stored that way, it’s best to capture them separately. This is the most flexible solution, programmatically speaking. It’s much easier to keep them separate — and only join the pieces together as needed — than it is to separate them into pieces. If you were to provide a single field in the form, then you have the headache of trying to figure out where the given name stops and the family name begins. Parsing the full name into separate parts is a problem you don’t want to have to worry about. It’s also one that you can easily avoided by capturing them as separate fields. Allow your customer to tell you what their given name and family name are. Our job is to make sure is to make sure they can tell us their name as accurately as possible. Just do your best, within the constraints of your environment.

No Restrictions On Length

Names vary greatly across cultures. Some people have a one word last name e.g. Woods. Other  people have a multi word last name e.g de la Hoya. Some people have a hyphenated last name e.g. Thorne-Smith. In some cultures they have multiple first names and multiple last names. That’s OK. We can account for those conditions within our regular expression.

Building the Name Validation Regex

It’s worth remembering that regular expressions are different beast than other functions. A regex is for examining the structure or format of the data. We aren’t interested in evaluating the contents of the customers name. To a regular expression it doesn’t matter if someone’s name is Smith, Moreau, or Castillo. We don’t care if our customers’ surnames are formed by using their maternal ancestors surnames 5 generations deep. That’s an issue for nerds of a different variety, to worry about. When you get down to it, regular expressions care about one thing — what does the data looks like? That what we care about.

• What types of characters are there?
• How many of them are allowed?
• What is their format?
• Does it look like we expect it to?
• Does it appear to be reasonable for our purposes?

As we walk through the process of building the name regular expression, I’ll discuss the varying assumptions so that you can adapt things to your process. This code is in PHP, but it should largely be compatible with JavaScript – because they’re both based on Perl – so you can adapt this to your client side scripts.

Our Starting Point

We need a simple function to do the validation. All we need is a Boolean response. Our initial name validation regex contains something like what most people are currently using.

function isNameValid($name) { 
    $pattern = '/^\w+/'; 
    if (preg_match($pattern, $name)) {
        return true; 
    } 
    return false; 
}

Most web developers dislike working with forms, and regular expressions are considered, by many, to be a dark magic best avoided. Since this problem uses both, it’s no wonder most developers don’t spend much time on it. Let’s examine the expression. In it’s current form, it’s too simplistic. It says that only word characters are valid. That means no spaces, no apostrophes, and no umlauts, accents, or hyphens. Word characters are limited to the English alphabet, digits, and underscores. There are millions of people with names who’ll successfully pass this regex. However, there are millions more whose names will fail. So we have some work to do!

Remove Digits and Underscores

We probably don’t want to allow numbers or underscores. If the name contains either of those, it’s probably a login and not a person’s name. So we need to modify the regex.

   $pattern = '/^[A-Za-z]+/';

Allow Multiple Words

There’s a whole a lot of people who have more than one word in their last name. For example, the famous rock guitarist Eddie Van Halen comes to mind. Let’s update our regex to allow multiple words.

    $pattern = '/^[A-Za-z]+([\ A-Za-z]+)*/';

The [\ A-Za-z]+ within the parentheses is just like the character class above, with the space added. The surrounding ()* says the contents within can occur 0 or more times. Now the names Woods, Van Halen, and De La Hoya will all match. That’s a good start. However we can make some more improvements.

Add Apostrophe and Hyphen Support

Some name have hyphens, some have apostrophes. Let’s add support for these characters now. There probably aren’t any names that start with these characters. Names like O’Donnell or Jones-Smith have these characters, but the special characters aren’t the first character. If the apostrophe or hyphen is the first character, something is probably wrong. Let’s update the regex.

    $pattern = '/^[A-Za-z][A-Za-z\'\-]+([\ A-Za-z][A-Za-z\'\-]+)*/';

The downside is that these special characters can be duplicated. So, something like O”Donnell with the two apostrophes can slip through and would be considered valid. In the spirit of Postel’s Law, I think it’s worth it. If it’s really a problem for you, create a separate function to remove duplicated apostrophes and hyphens before getting to this function.

Adding Extended ASCII Character Support

There a number of names in European languages that will fail using our current regular expression. Any name that uses an accent, ñ, or an umlaut. Numerous Spanish, French, German, Dutch, and Nordic names fall into this category. To enable support for these names, we need to dig into the Unicode Character chart. The Latin-1 Supplemental range is 0080-00FF. That’s the full range. However, there are bunch of control codes, money symbols, punctuation, and math-y bits we’d like to skip. So we’ll shorten the range to 00C0-00FF. These characters should be allowed to occur anywhere in their name. We can have names like Kevin ßáçøñ now! I know what you’re thinking! Did I really just spell out the name Bacon using these supplemental Latin characters? Yes, yes I did! I even added a strip of bacon on top of the n just for you :)

    $pattern = '/^[A-Za-z\x{00C0}-\x{00FF}][A-Za-z\x{00C0}-\x{00FF}\'\-]+([\ A-Za-z\x{00C0}-\x{00FF}][A-Za-z\x{00C0}-\x{00FF}\'\-]+)*/u';