Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
445 views
in Q2A Core by

Hi

i got i nice way to stop spammers, it's work for me, i allow only domain LTD, i can do that in Python Django, But i don't have any idea about PHP or question2answer.

How can i do this in question2answer, So the user in the register form well be validate if email LTD allowed, if not user can't register, And need invite from the admin.

# Python Django framework
def clean_email(self):
email = self.cleaned_data['email'].lower()
LTD = email.split('@')[1].split('.')[-1]
domain = email.split('@')[1]
if LTD != "uk":
raise forms.ValidationError(_("Only .UK emails are allowed."))
if User.objects.filter(email__iexact=email).exists():
raise forms.ValidationError(f"Email {email} Is used.")
return email

1 Answer

+1 vote
by
edited by
 
Best answer

Install the plugin Registration Blocker. In the plugin configuration (under Administration center → Plugins) put .uk (with the leading dot) in the "Email Domains" field and check the "Whitelist Email Domains" checkbox.

Full disclosure: I am co-author and current maintainer of that plugin.


Addendum:

Like I said in the comments, I'm not going to incorporate this in the official code, but if you're comfortable with making local changes, you could try replacing the following snippet (lines 106-128 in qa-registration-blocker.php):

if (in_array($email, $banned_emails)) {
  return $this->translate('email_address_not_allowed');
}

$email_domain = $this->get_domain_from_email($email);

if ($whitelist_mode) {
  if (!(in_array($email_domain, $topdomains) or $this->ends_with_any($email_domain, $subdomains))) {
    return $this->translate('email_domain_not_allowed');
  }
} else {
  foreach ($uribl as $bl) {
    if (preg_match('/^127\.0\.0\.[0-9]+$/', gethostbyname("${email_domain}.${bl}"))) {
      return $this->translate('email_domain_not_allowed');
    }
  }
  if (in_array($email_domain, $topdomains)) {
    return $this->translate('email_domain_not_allowed');
  }
  if ($this->ends_with_any($email_domain, $subdomains)) {
    return $this->translate('email_domain_not_allowed');
  }
}

with these lines:

$email_domain = $this->get_domain_from_email($email);

if ($whitelist_mode) {
  if (!(in_array($email, $banned_emails) or in_array($email_domain, $topdomains) or $this->ends_with_any($email_domain, $subdomains))) {
    return $this->translate('email_address_not_allowed');
  }
} else {
  if (in_array($email, $banned_emails)) {
    return $this->translate('email_address_not_allowed');
  }
  foreach ($uribl as $bl) {
    if (preg_match('/^127\.0\.0\.[0-9]+$/', gethostbyname("${email_domain}.${bl}"))) {
      return $this->translate('email_domain_not_allowed');
    }
  }
  if (in_array($email_domain, $topdomains)) {
    return $this->translate('email_domain_not_allowed');
  }
  if ($this->ends_with_any($email_domain, $subdomains)) {
    return $this->translate('email_domain_not_allowed');
  }
}

$banned_email is a misnomer in whitelist mode, but this is not an officially supported change anyway, so whatever.

And again, beware that with this change you have only regular expressions left to selectively blacklist e-mail addresses from allowed domains.

by
Well Done, This plugin did solve my main problem,

But also, i need a way to add a specific Email Addresses as admin, Something like "Allowed Email Addresses".
by
+1
I've given it some thought, but IMHO that's too much of an edge case for me to add yet another field (just for whitelisting specific addresses out of otherwise blocked domains). Simply turning the e-mail address field into a whitelist as well is not an option, b/c you most certainly want to retain the ability to blacklist individual addresses out of whitelisted domains.
by
My use case is a small private site just for our colleagues, and we don't want to be bothered by any outsider or spammer.

So i can manually receive requests to join on my email or my Whatsapp, and there for i can win this by "Allowed Email Addresses" only. ( if user email on the whitelist then can register)

Now i am trying to reverse "BANNED_EMAIL_ADDRESSES" in qa-registration-blocker.php to be  "Allowed_Email_Addresses"
but i came from python and i having a hard time with semicolon PHP :D
by
+1
See updated answer.
by
Many thanks, the custom code worked like magic.
...