miniBB ® miniBB®
miniBB Support Forums
 | Forums | Register | Search | Statistics | Manual |
Re-cycled miniBB Support Forums / Re-cycled /   

Blocking registration emails filtered by domain

Page  Page 2 of 2:  « Previous  1  2  
Author Jaime
Registered
#16 | Posted: 12 Jan 2014 14:53 
Also, you Marsbar, and everyone else, Happy New Year!

I had similar problems years ago with registration spam.

After that i have automatic registrations disabled. Per form, a request may be made by email. The conditions of the forum must be accepted and this will be confirmed by the return of an email again. Only after the registration is done manually.

But .. I do not become every day hundreds of user logins for my forum. Since i already have left the time for a manageable number of new and truly interested users. If not ... have to wait a few days before you are approved users sometimes. :) Since then, i have no problems with spam registration ... But. thats only my way ;-)

Author Paul
Lead Developer
#17 | Posted: 13 Jan 2014 09:02 
We're experiencing the same on miniBB forums, but I don't see lots of troubles with it. User's record doesn't take lots of space in database, comparing to forum's contents. Anyway this could be prevented by something... add-on or solution, not sure. Unfortunately I don't have free time for this now, so you're welcome to sponsor this extension, if you feel something customized is needed for your forum.

Author tom322
Registered
#18 | Posted: 26 May 2014 23:20 | Edited by: tom322 
Based on Paul's code I came up with this small code that needs to be pasted in bb_plugins.php file. You can add domains you don't want your users to use when signing up for an account:

/* Restricting users from registering from disallowed domains */

$forbidden_parts=array('spambuster.com', 'mail.ru', 'gmail.com');
$disUser=FALSE;
if($user_id==0 and ($action=='register' or $action=='registernew')){
foreach($forbidden_parts as $f)
if($_SERVER['REQUEST_METHOD'] == "POST" && strtolower(substr_count($_POST['email'], $f)>0)) {
$disUser=TRUE;
break;
}
}

if($disUser){
$errorMSG='You are not allowed to use an email from this domain: '.$f.'.';
$correctErr=$backErrorLink;
$title=$l_accessDenied;
$metaRobots='NOINDEX,NOFOLLOW';
echo load_header();
echo ParseTpl(makeUp('main_warning'));
echo ParseTpl(makeUp('main_footer'));
exit;
}

With this solution it's also easy to allow certain domains ONLY for registration :)

Author tom322
Registered
#19 | Posted: 27 May 2014 01:09 | Edited by: tom322 
Correction to the code above - this line:

&& strtolower(substr_count($_POST['email'], $f)>0)

should better be:

&& substr_count(strtolower($_POST['email']), $f)>0)

(and make sure the items in $forbidden_parts are all small caps).

Author Paul
Lead Developer
#20 | Posted: 27 May 2014 13:48 
Thanks, Tom. I think, in addition there should be something related to profile editing actions as well. Despite I understand this solution is mostly to prevent false registrations, if we talk about "valid" emails, in general, they may be changed after the profile has been already registered, to something else.

Also, this statement:

if($_SERVER['REQUEST_METHOD'] == "POST"
...

is a bit spare. In the condition, you should just catch the actions which already provide the posting behavior, i.e. they could be just 'register' and 'editprefs'.

Well, if we look into this more deeper, the solution would be even better, if it would throw not a "critical warning", but something on the profile form, in the style of other errors appearing now (i.e. above the form). Addresses like gmail.com could be also registered by human users. Then they would be preferred to keep their current form information with no coming back, while it could be just lost.

Author tom322
Registered
#21 | Posted: 27 May 2014 17:55 
Ok, so here is the improved code that should include profile editing. You're right it would be much better that the error shows right on the same page in (assigned to {$warning} variable), but I'm not sure how to do it, I tried but got some warnings..

/* Restricting users from registering from disallowed domains */

$forbidden_parts=array('spambuster.com', 'mail.ru', 'gmail.com');
$disUser=FALSE;
if($user_id==0 and ($action=='register' or $action=='registernew' or $action=='prefs')){
foreach($forbidden_parts as $f)
if(substr_count(strtolower($_POST['email']), $f)>0) {
$disUser=TRUE;
break;
}
}

if($disUser){
$errorMSG='You are not allowed to use an email from this domain: '.$f.'.';
$correctErr=$backErrorLink;
$title=$l_accessDenied;
$metaRobots='NOINDEX,NOFOLLOW';
echo load_header();
echo ParseTpl(makeUp('main_warning'));
echo ParseTpl(makeUp('main_footer'));
exit;
}


Author Paul
Lead Developer
#22 | Posted: 4 Aug 2015 19:09 | Edited by: Paul 
The thread is being continued in the updated topic.

Page  Page 2 of 2:  « Previous  1  2 
Re-cycled miniBB Support Forums / Re-cycled / Blocking registration emails filtered by domain Top
This topic is closed. New replies are not allowed.
 
 
miniBB Support Forums Powered by Forum Software miniBB ® Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contacts
Check out the Captcha add-on: protect your miniBB-forums from the automated spam and flood.
Captcha Addon for miniBB