Page 1 of 1
Email validation - restricting hotmail and yahoo addresses
Posted: Mon May 08, 2006 6:12 am
by hame22
Hi
In my member-based website I am trying to prevent users signing up using email addresses from hotmail and yahoo so as to prevent fraud.
My current email validation code is:
Code: Select all
elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
How would I need to change this to allow this validation?
thanks in advance
Posted: Mon May 08, 2006 6:30 am
by dibyendrah
The following code will prevent the uses from posting the hotmail or yahoo emails :
Code: Select all
elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[hotmail|yahoo]\.com)$", $email))
Not tested! But it might work ..

Posted: Mon May 08, 2006 9:01 am
by Roja
I would split it into two seperate goals: One to validate the format of the email correctly, and one to flag hotmal and yahoo as invalid.
I have
a ready made email validation function if you'd like to use it. Its RFC compliant, and its an exhaustive check.
For the hotmail and yahoo checks, just do a substr:
Code: Select all
if (strpos($email, "hotmail") || strpos($email, "yahoo))
{
// Mail is invalid.
}
Posted: Mon May 08, 2006 10:43 am
by hame22
Iv tried the sub_str approach but it does not accept any email addresess, any ideas why
here is my code:
Code: Select all
elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
{
$error = "2";
}
//elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[hotmail|yahoo]\.com)$", $email))
elseif (substr($email, "hotmail") || substr($email, "yahoo"))
{
// Mail is invalid.
$error = "10";
}
Posted: Mon May 08, 2006 11:21 am
by aerodromoi
hame22 wrote:Iv tried the sub_str approach but it does not accept any email addresess, any ideas why
I prefer using eregi
Code: Select all
<?php
$email = "abc@testaddress.com";
$error1 = false;
$error2 = false;
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) { $error1 = true; }
if(eregi("hotmail",$email) || eregi("yahoo",$email)) { $error2 = true; }
if (!$error1 && !$error2) { echo "congrats!"; }
if ($error1) { echo "invalid email address<br />";}
if ($error2) { echo "yahoo / hotmail address used";}
?>
aerodromoi
btw: there are also top level domains like "museum"...
Posted: Mon May 08, 2006 11:36 am
by Chris Corbyn
hame22 wrote:Iv tried the sub_str approach but it does not accept any email addresess, any ideas why
here is my code:
Code: Select all
elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
{
$error = "2";
}
//elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[hotmail|yahoo]\.com)$", $email))
elseif (substr($email, "hotmail") || substr($email, "yahoo"))
{
// Mail is invalid.
$error = "10";
}
That should strpos() not substr(). substr() is for pulling out substrings and the second two paramters are integer values.
Posted: Mon May 08, 2006 12:29 pm
by Roja
hame22 wrote:Iv tried the sub_str approach but it does not accept any email addresess, any ideas why
As d11 pointed out, I mixed up my functions. It should be strpos, NOT substr. I corrected my earlier post.
Sorry, its a Monday.

alternate approach
Posted: Tue May 09, 2006 12:54 am
by dibyendrah
My alternate approach but similar to the above solutions:
Code: Select all
<?php
$email = "someone@yahoo.com";
$ban_email_domain1 = "yahoo.com";
$ban_email_domain2 = "hotmail.com";
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){
if(strstr($email, $ban_email_domain1)){
print "yahoo.com not allowed";
}elseif (strstr($email, $ban_email_domain2)){
print "hotmail.com not allowed";
}else {
print "valid email with no yahoo or hotmail.com";
//process the member registration
}
}
?>
Cheers,
Dibyendra
Posted: Tue May 09, 2006 1:07 am
by RobertGonzalez
Step 1. Vlidate the email adress using regex (like you are doing already).
Step 2. If the email validation passes, strpos it for '@yahoo.com' and '@hotmail.com'
The reason I would throw in the '@' sign is just in case someone has gotten cute and created a website like
http://www.ihateyahoo.com. Their email address would be bounced from your system. If you want to keep out the yahoo.com and hotmail.com domains only, strpos the email address with the '@' sign.
Just my $0.02.
Posted: Tue May 09, 2006 1:20 am
by dibyendrah
Everah wrote:Step 1. Vlidate the email adress using regex (like you are doing already).
Step 2. If the email validation passes, strpos it for '@yahoo.com' and '@hotmail.com'
The reason I would throw in the '@' sign is just in case someone has gotten cute and created a website like
http://www.ihateyahoo.com. Their email address would be bounced from your system. If you want to keep out the yahoo.com and hotmail.com domains only, strpos the email address with the '@' sign.
Just my $0.02.
Good Logic ! I liked that approach rather than mine using str_str
Thanks Everah !
Posted: Tue May 09, 2006 1:37 am
by RobertGonzalez
Every 1 out of 900 or so I hit a homerun.

Glad I could help.