Page 1 of 1

Email validation - restricting hotmail and yahoo addresses

Posted: Mon May 08, 2006 6:12 am
by hame22
Hi

In my member-based website I am trying to prevent users signing up using email addresses from hotmail and yahoo so as to prevent fraud.

My current email validation code is:

Code: Select all

elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
How would I need to change this to allow this validation?

thanks in advance

Posted: Mon May 08, 2006 6:30 am
by dibyendrah
The following code will prevent the uses from posting the hotmail or yahoo emails :

Code: Select all

elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[hotmail|yahoo]\.com)$", $email))
Not tested! But it might work .. :wink:

Posted: Mon May 08, 2006 9:01 am
by Roja
I would split it into two seperate goals: One to validate the format of the email correctly, and one to flag hotmal and yahoo as invalid.

I have a ready made email validation function if you'd like to use it. Its RFC compliant, and its an exhaustive check.

For the hotmail and yahoo checks, just do a substr:

Code: Select all

if (strpos($email, "hotmail") || strpos($email, "yahoo))
{
  // Mail is invalid.
}

Posted: Mon May 08, 2006 10:43 am
by hame22
Iv tried the sub_str approach but it does not accept any email addresess, any ideas why

here is my code:

Code: Select all

elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
	{
		$error = "2";
	} 
	//elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[hotmail|yahoo]\.com)$", $email)) 
	elseif (substr($email, "hotmail") || substr($email, "yahoo")) 
	{
  		// Mail is invalid.
  		$error = "10";
	}

Posted: Mon May 08, 2006 11:21 am
by aerodromoi
hame22 wrote:Iv tried the sub_str approach but it does not accept any email addresess, any ideas why
I prefer using eregi :)

Code: Select all

<?php
$email = "abc@testaddress.com";

$error1 = false;
$error2 = false;

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$", $email)) { $error1 = true; }
if(eregi("hotmail",$email) || eregi("yahoo",$email)) { $error2 = true; }

if (!$error1 && !$error2) { echo "congrats!"; }
if ($error1) { echo "invalid email address<br />";}
if ($error2) { echo "yahoo / hotmail address used";}
?>
aerodromoi

btw: there are also top level domains like "museum"...

Posted: Mon May 08, 2006 11:36 am
by Chris Corbyn
hame22 wrote:Iv tried the sub_str approach but it does not accept any email addresess, any ideas why

here is my code:

Code: Select all

elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email))
	{
		$error = "2";
	} 
	//elseif(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[hotmail|yahoo]\.com)$", $email)) 
	elseif (substr($email, "hotmail") || substr($email, "yahoo")) 
	{
  		// Mail is invalid.
  		$error = "10";
	}
That should strpos() not substr(). substr() is for pulling out substrings and the second two paramters are integer values.

Posted: Mon May 08, 2006 12:29 pm
by Roja
hame22 wrote:Iv tried the sub_str approach but it does not accept any email addresess, any ideas why
As d11 pointed out, I mixed up my functions. It should be strpos, NOT substr. I corrected my earlier post.

Sorry, its a Monday. :)

alternate approach

Posted: Tue May 09, 2006 12:54 am
by dibyendrah
My alternate approach but similar to the above solutions:

Code: Select all

<?php
$email =  "someone@yahoo.com";
$ban_email_domain1 = "yahoo.com";
$ban_email_domain2 = "hotmail.com";

if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){
	if(strstr($email, $ban_email_domain1)){
		print "yahoo.com not allowed";				
	}elseif (strstr($email, $ban_email_domain2)){
		print "hotmail.com not allowed";		
	}else {
		print "valid email with no yahoo or hotmail.com";
		//process the member registration
	}
}

?>
Cheers,
Dibyendra

Posted: Tue May 09, 2006 1:07 am
by RobertGonzalez
Step 1. Vlidate the email adress using regex (like you are doing already).
Step 2. If the email validation passes, strpos it for '@yahoo.com' and '@hotmail.com'

The reason I would throw in the '@' sign is just in case someone has gotten cute and created a website like http://www.ihateyahoo.com. Their email address would be bounced from your system. If you want to keep out the yahoo.com and hotmail.com domains only, strpos the email address with the '@' sign.

Just my $0.02.

Posted: Tue May 09, 2006 1:20 am
by dibyendrah
Everah wrote:Step 1. Vlidate the email adress using regex (like you are doing already).
Step 2. If the email validation passes, strpos it for '@yahoo.com' and '@hotmail.com'

The reason I would throw in the '@' sign is just in case someone has gotten cute and created a website like http://www.ihateyahoo.com. Their email address would be bounced from your system. If you want to keep out the yahoo.com and hotmail.com domains only, strpos the email address with the '@' sign.

Just my $0.02.

Good Logic ! I liked that approach rather than mine using str_str

Thanks Everah !

Posted: Tue May 09, 2006 1:37 am
by RobertGonzalez
Every 1 out of 900 or so I hit a homerun. :lol: Glad I could help.