Gmail.com ignores dots/periods (.) in email usernames, so that the following email addresses are all equivalent:
[email protected]
[email protected]
[email protected]
Spammers use this technique to utilize the same actual email address to register multiple times on my forums. I can't block all of the offending IP addresses, nor can I block all possible permutations of email addresses.
So, after a considerable amount of searching, I have determined a way to prevent users from registering with multiple dots in their emails.
I don't care much about being "RFC Compliant" with regard to email address validation, and I don't care to discuss how this filter could result in real email addresses being denied access to my boards. I have made a couple of comments in the code which address these issues. What I am interested in is blocking gmail.com email addresses with more than three dots in them and allowing "normal" email addresses (as determined by me
I hope someone finds this useful.
in file includes/ucp/ucp_register.php
Find:
Code: Select all
if ($data['email'] != $data['email_confirm'])
{
$error[] = $user->lang['NEW_EMAIL_ERROR'];
}
Code: Select all
// Email address validation for gmail.com addresses
if( preg_match( '/@gmail\.com$/', $data['email'] ))
{
$addrLen = strlen($data['email']);
$dotCount = substr_count($data['email'],".");
// Is the email address longer than 17 characters and contain more than 3 dots?
// 17 is really just an arbitrary number - set it to whatever you think best
// 3 dots includes all dots in the address
// Setting to three dots would disallow the use of possible real emails such as [email protected]
if ($addrLen>17 && $dotCount>3)
{
$error[] = 'This email address is not allowed';
}
}