Asked  2 Years ago    Answers:  5   Viewed   64 times

I would like to know of the possible ways to block disposable email addresses from registering in my website.

For simplicity, let's take the example where the registration form of the website is done with HTML and PHP.

Any ideas, solutions or suggestions would be greatly appreciated.

 Answers

4

This is tough, because neither whitelisting nor blacklisting are an option.

By whitelisting certain domains, you disallow people with email domains that are unknown to you (but might be perfectly valid), while by blacklisting you have to update the list of blacklisted domains on a daily basis, since new "10 minute email" domains emerge every day.

Please note that temporary email addresses are invented for a way of saying: "Hey, I don't trust this website with my own email adrress", so you're most probably not going to trick users that are willing to hide their real address since they've got a valid reason to do so.

Can't you adopt and implement something like OpenID?

Tuesday, December 6, 2022
1

A much better approach to validating the emails, would be to use the built in filters intended for that sort of thing

<?php

    include '/connect.php'; //connects to mysql

    $email = mysqli_real_escape_string($connect, $_POST['email']);

    $check = mysqli_query($connect, "SELECT email FROM users WHERE email='$email'");
    $check_num_rows = mysqli_num_rows($check);

    if ( filter_var($email, FILTER_VALIDATE_EMAIL) ) {
        if ($check_num_rows==0) {
            echo 'Email valid';
        } elseif ($check_num_rows==1) {
            echo 'Email already registered';
        }
    } else {
        echo 'Please enter a valid email';
    }
?>

The reason your code doesn't work, is because PHP doesn't have a str or indexOf method, you should be using something like strpos instead

if (strpos($email, '@') === false) { ...
Monday, August 1, 2022
3

If you validation script and form code are in this same file you can just put $_POST values into form.

<?php
$field1 = '';
$field2 = '';
...
$field5 = '';
if($_SERVER['REQUEST_METHOD']=="POST"){
    $field1 = $_POST['field1'];
    $field2 = $_POST['field2'];
    ...
    $field5 = $_POST['field5'];

    if(validation is true){
     //do something
    }
}
    ?>

    <form method="post">
       <input type="text" name="field1" value="<?= $field1 ?>" >
       <input type="text" name="field2" value="<?= $field2 ?>" >
        ...
       <input type="text" name="field5" value="<?= $field5 ?>" >
       <input type="submit" value="submit" >
    </form>

EDITED after comment RiggsFolly.

Wednesday, December 7, 2022
 
4

There is a text in comments of that script:

Step 2:

Enter your email address.

After comments block there is a line:

$my_email = "delete these words and put the email address only in here between the quotes";

Suppose you have harcoded address instead of "delete these ....". You should simply replace that line with:

$my_email = !empty($_REQUEST['recepient_email_field_name']) ? $_REQUEST['recepient_email_field_name'] : "default email address";

Where recepient_email_field_name is name of a field on a form where user should enter his email and default email address should be replaced with that email you have there currently.

Tuesday, October 4, 2022
 
1

You'll have to dig into preg_match() function.

Searches subject for a match to the regular expression given in pattern.

For example :

$email = "[email protected]";
$result = preg_match('/^x[d]{8}@student.ncirl.ie$/', $email);

if ($result) {
    ...
    do some stuff
    ...
}

The test of the regular expression on regex101.

The explanations :

^ asserts position at start of the string

x matches the character x literally (case sensitive)

Match a single character present in the list below :

[d]{8}

{8} Quantifier — Matches exactly 8 times

d matches a digit (equal to [0-9])

@student matches the characters @student literally (case sensitive)

. matches the character . literally (case sensitive)

ncirl matches the characters ncirl literally (case sensitive)

. matches the character . literally (case sensitive)

ie matches the characters ie literally (case sensitive)

$ asserts position at the end of the string, or before the line terminator right at the end of the string (if any)

Hope it helps.

Friday, September 16, 2022
 
perchik
 
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
 

Browse Other Code Languages