Prohibition of temporary mailbox registration

[Cee]

🎯Description of the issue

Prohibition of temporary mailbox registration

▶🚶‍Reproduction steps

1. I tried changing /app/routes/route.signup.php and adding the following code to disable registration with a specific temporary mailbox, but it doesn't work, is there something wrong with my method? How can I do this?

😢Unexpected result

No error syntax is suggested, but it doesn't work.

📃Error log message

                $temporary_email = strstr($_POST['email'],'@');

                $temporary = ['bccto.me','linshiyouxiang.net','chacuo.net','027168.com','www.bccto.me','8723891.com','3202.com','chaichuang.com','4057.com','oiizz.com','aaamail.online','80600.net','a7996.com','156mail.cn','pincoffee.com','haimai.pro','135mail.cn','137mail.cn','119mail.com','foxmaii.cn','263mali.cn','huaweimali.cn','dawin.com','tomali.cn','1766258.com','bcaoo.com','yopmail.com','disbox.org','tmpmail.net','tmail.ws','tmpmail.org','tmails.net','disbox.net','moakt.co','moakt.ws','bareed.ws','yunser.net','sharklasers.com','guerrillamail.info','grr.la','guerrillamail.biz','guerrillamail.com','guerrillamail.de','guerrillamail.net','guerrillamail.org','guerrillamailblock.com','pokemail.net','spam4.me','idxue.com','tuofs.com','ixaks.com','003m.cn','t.odmail.cn','mylongxin.cn','tempmailbox.cn','maildrop.cc','666email.com','trashmail.com','urhen.com'];

                foreach ($temporary as $j){

                if($temporary_email === '@'.$j){

                $input_errors['email'] = _s('不欢迎临时邮箱');

                break;

                 }

            }

 

[Cee]

Is nobody there?

 

[imghut]

It's a reasonable idea and one I thought about, but then I discovered even if someone registers with a real account, they can then just login and change the email address to one that does not even exist without any verification, so it makes it a useless feature really.

 

[Cee]

It's a reasonable idea and one I thought about, but then I discovered even if someone registers with a real account, they can then just login and change the email address to one that does not even exist without any verification, so it makes it a useless feature really.

Why can't I judge whether my email is verified when I register? It seems that this program does a very poor job of anti-spam, and the two anti-spam functions in the background are almost useless.

 

[Rodolfo]

Is nobody there?

No offense, but if you really want others to pay attention to your code then you have to present it in a way readers can digest it. I've edited your post and now it looks better for the eye. However, you didn't mention where you added the code, I mean, exactly in which line.

Also, I think that you should hack the user class directly in both insert or update methods. At least, that will carry the entire system and not just the signup route.

P.S. StopForumSpam and Akismet are doing great to reduce spam accounts, give it a try.

 

[Cee]

No offense, but if you really want others to pay attention to your code then you have to present it in a way readers can digest it. I've edited your post and now it looks better for the eye. However, you didn't mention where you added the code, I mean, exactly in which line.

Also, I think that you should hack the user class directly in both insert or update methods. At least, that will carry the entire system and not just the signup route.

P.S. StopForumSpam and Akismet are doing great to reduce spam accounts, give it a try.

My English is not good, sorry. It's weird that Gmail registration will be blocked when StopForumSpam is turned on. How should I restrict the registration of a specific mailbox?

 

[Rodolfo]

Your code detects the conflicting mailboxes, is just that you need to put that condition and error response in the appropriate line.

Like just before this line: https://github.com/Chevereto/Chevereto-Free/blob/master/app/lib/classes/class.user.php#L162

Simply throw an exception instead of a break.