Sidra Harris
-
Content Count
20 -
Joined
-
Last visited
Reputation Activity
-
Sidra Harris reacted to Takuya in Flux CP > block [email protected] From the register on the site
You really shouldn't use eregi, the ereg-extension has already been thrown out of PHP by default and it contains many problems, including security-related ones.
Stick to preg and use proper PHP validation, go for something like
if (!filter_var($email, FILTER_VALIDATE_EMAIL) || preg_match('/@(mailinator|hotmail|trashmail)\..+$/i', $email)) throw new Flux_RegisterError('Invalid e-mail address', Flux_RegisterError::INVALID_EMAIL_ADDRESS);
For more information visit the PHP documentation on ereg and on filter_var. Keep your servers safe, folks.
-
Sidra Harris reacted to Asheraf in Flux CP > block [email protected] From the register on the site
as i told you it's not the best way (background in php 0) just thought if i start it may some one come and give a better solution ^^
-
Sidra Harris reacted to Asheraf in Flux CP > block [email protected] From the register on the site
after a little research i found a way to do this (this is not the best way to do it but it works)
first open ../lib/Flux/LoginServer.php
search for
elseif (!preg_match('/^(.+?)@(.+?)$/', $email)) { throw new Flux_RegisterError('Invalid e-mail address', Flux_RegisterError::INVALID_EMAIL_ADDRESS); } add this after it
elseif (eregi('^[a-zA-Z0-9._-]+@[mailionator]+\.[a-zA-Z.]{2,5}$', $email)) { throw new Flux_RegisterError('Invalid e-mail address', Flux_RegisterError::INVALID_EMAIL_ADDRESS); } then open the files:
../modules/account/changemail.php
../modules/account/resend.php
../modules/account/resetpass.php
search for
elseif (!preg_match('/^(.+?)@(.+?)$/', $email)) { $errorMessage = Flux::message('EmailInvalid'); } add after it
elseif (eregi('^[a-zA-Z0-9._-]+@[mailionator]+\.[a-zA-Z.]{2,5}$', $email)) { $errorMessage = Flux::message('InvalidEmailAddress'); } this will block registration/email changing/resetting password/resending verification email to all email with domain *@mailionator.* you can add hotmail too by ading it to the elseif.
-
Sidra Harris reacted to Asheraf in Flux CP > block [email protected] From the register on the site
just add more like this
elseif (eregi('^[a-zA-Z0-9._-]+@[mailionator]+\.[a-zA-Z.]{2,5}$', $email) || eregi('^[a-zA-Z0-9._-]+@[gmail]+\.[a-zA-Z.]{2,5}$', $email) || eregi('^[a-zA-Z0-9._-]+@[hotmail]+\.[a-zA-Z.]{2,5}$', $email)) { -
Sidra Harris reacted to Mystery in Need Advanced Warper
You are requesting a script. Hence, you need to post in the correct section... and the correct section is under Script Requests. Please don't ask for scripts inside the General Support area.
Topic moved.
