We help IT Professionals succeed at work.

Not accept @hotmail.com in email feild

egovernment
egovernment asked
on
I'm using the following string in email field
^[A-Za-z0-9\.|-|_]*[@]{1}[A-Za-z0-9\.|-|_]*[.]{1}[a-z]{2,5}$

But I need to modify it to not allow @hotmail.com
Comment
Watch Question

Commented:
to not accept just one email like that I would suggest a new line of javascript looking for hotmail and also in the php page you post to check for that email, that is the only true way to be safe about it.
Most Valuable Expert 2011
Top Expert 2016

Commented:
I'll show you the code in a second.  All you have to do is look for the substring @hotmail.com in the input.

Commented:
a larger but good example on how to block domains would be like this..  I copies and pasted but it does work.

Most Valuable Expert 2011
Top Expert 2016

Commented:
See the function description here:
http://us.php.net/manual/en/function.stripos.php

See the script in action here:
www.laprbass.com/RAY_temp_egovernment.php
<?php // RAY_temp_egovernment.php
error_reporting(E_ALL);

$q = NULL;
if (!empty($_GET["q"]))
{
    $q = $_GET["q"];
    if (stripos($q, '@HOTMAIL.COM'))
    {
        echo "CANNOT USE $q BECAUSE OF HOTMAIL RESTRICTION";
    }
    else
    {
        echo "OK TO USE $q";
    }
}

$form = <<<FORM
<form>
EMAIL: <input name="q" value="$q" />
<input type="submit" />
</form>
FORM;

echo $form;

Open in new window

Commented:

<form name="validation" onSubmit="return checkbae()">
Please input a valid email address:<br />
<input type="text" size=18 name="emailcheck">
<input type="submit" value="Submit">
</form>
<script language="JavaScript1.2">

//Advanced Email Check credit-
//By JavaScript Kit (www.javascriptkit.com)
//Over 200+ free scripts here!

var invalidaddress=new Array()
invalidaddress[0]="hotmail"
invalidaddress[1]="rocketmail"
invalidaddress[2]="yahoo"
invalidaddress[3]="zdnetmail"
//extend or shorten this list if neccessary

var testresults
function checkemail(){
var invalidcheck=0;
var str=document.validation.emailcheck.value
var filter=/^(\w+(?:\.\w+)*)@((?:\w+\.)*\w[\w-]{0,66})\.([a-z]{2,6}(?:\.[a-z]{2})?)$/i
if (filter.test(str)){
var tempstring=str.split("@")
tempstring=tempstring[1].split(".")
for (i=0;i<invalidaddress.length;i++){
if (tempstring[0]==invalidaddress[i])
invalidcheck=1
}
if (invalidcheck!=1)
testresults=true
else{
alert("Please input a more official email address!")
testresults=false
}
}
else{
alert("Please input a valid email address!")
testresults=false
}
return (testresults)
}
</script>

<script>
function checkbae(){
if (document.layers||document.getElementById||document.all)
return checkemail()
else
return true
}
</script>

<p align="center">This free script provided by<br />
<a href="http://javascriptkit.com">JavaScript
Kit</a></p>

Open in new window

Most Valuable Expert 2011
Top Expert 2016
Commented:
If you are interested in actually checking the domains, etc., you might find this script useful.  You can add your test to block domains at the array "$bogus/"

You can test it on my server here:
www.laprbass.com/RAY_email_validation.php
<?php // RAY_email_validation.php
error_reporting(E_ALL);



// A FUNCTION TO TEST FOR A VALID EMAIL ADDRESS, RETURN TRUE OR FALSE



// SEE MAN PAGE: http://php.net/manual/en/intro.filter.php
function check_valid_email($email)
{
    // LIST OF BLOCKED DOMAINS
    $bogus = array
    ( '@hotmail.com'
    , '@gooseball.com'
    )
    ;

    // IF PHP 5.2 OR ABOVE, WE CAN USE THE FILTER
    if (strnatcmp(phpversion(),'5.2') >= 0)
    {
        if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE) return FALSE;
    }

    // IF LOWER-LEVEL PHP, WE CAN CONSTRUCT A REGULAR EXPRESSION
    else
    {
        $regex
        = '/'                        // START REGEX DELIMITER
        . '^'                        // START STRING
        . '[A-Z0-9_-]'               // AN EMAIL - SOME CHARACTER(S)
        . '[A-Z0-9._-]*'             // AN EMAIL - SOME CHARACTER(S) PERMITS DOT
        . '@'                        // A SINGLE AT-SIGN
        . '([A-Z0-9][A-Z0-9-]*\.)+'  // A DOMAIN NAME PERMITS DOT, ENDS DOT
        . '[A-Z\.]'                  // A TOP-LEVEL DOMAIN PERMITS DOT
        . '{2,6}'                    // TLD LENGTH >= 2 AND =< 6
        . '$'                        // ENDOF STRING
        . '/'                        // ENDOF REGEX DELIMITER
        . 'i'                        // CASE INSENSITIVE
        ;
        // TEST THE STRING FORMAT
        if (!preg_match($regex, $email)) return FALSE;
    }

    // TEST TO SEE IF THE DOMAIN IS IN OUR BLOCKED LIST
    foreach ($bogus as $badguy)
    {
        if (stripos($email, $badguy)) return FALSE;
    }

    // FILTER_VAR OR PREG_MATCH DOES NOT TEST IF THE DOMAIN IS ROUTABLE
    $domain = explode('@', $email);

    // MAN PAGE: http://php.net/manual/en/function.checkdnsrr.php
    if ( checkdnsrr($domain[1], "MX") || checkdnsrr($domain[1], "A") ) return TRUE;

    // EMAIL IS NOT ROUTABLE
    return FALSE;
}



// DEMONSTRATE THE FUNCTION IN ACTION
$e = NULL;
if (!empty($_GET["e"]))
{
    $e = $_GET["e"];
    if (check_valid_email($e))
    {
        echo "<br/>VALID: $e \n";
    }
    else
    {
        echo "<br/>BOGUS: $e \n";
    }
}


// END OF PROCESSING - CREATE THE FORM USING HEREDOC NOTATION
$form = <<<ENDFORM
<form>
TEST A STRING FOR A VALID EMAIL ADDRESS:
<input name="e" value="$e" />
<input type="submit" />
</form>
ENDFORM;

echo $form;

Open in new window

Most Valuable Expert 2011
Top Expert 2016

Commented:
One last note, then I will sign off.  You might want to make this a two step process.  If you use JavaScript for validation, you can create a nice message for your clients, but JavaScript is absolutely useless for the security and integrity of your server-side data model.  You must validate and filter the data after it has been received on the server.  Nice people will not be a problem for you - they will just look a the JavaScript messages and obey the instructions.  Hackers will not bother with the JS validation - they will post toxic data directly into your action script, bypassing the JavaScript entirely.

Best of luck with your project, ~Ray

Author

Commented:
Thanks for all answers but I think the all answers is too long I'm using one line as

if (strstr($Alternative_Email_Text, "@hotmail") || strstr($Alternative_Email_Text, "@HOTMAIL"))
{

}

Open in new window

Author

Commented:
But I want to modify my code to include all possible sensitive like

Hotmail
hOtmail
hoTmail and so on

Commented:
but you do not need to cover case sensitive information like that you can just compare the lowercase variable to the lowercase of the text box.  If you want to do anything about being very careful and people escaping your javascript and php code you should worry more about hex encoding or other ways to obfuscate the hotmail name while still allowing the server to process the email.
Most Valuable Expert 2011
Top Expert 2016

Commented:
See line 49 of the code snippet I posted above.  If you can find a way to get past that with a hack, please post it here so we can all learn something!
Most Valuable Expert 2011
Top Expert 2016

Commented:
And regarding this,
I think the all answers is too long I'm using one line as...

Upon reading that, I don't know what to say to you, except please consider getting some kind of foundation in the basics of computer programming. Compound statements are the enemy of good software development.   Professionals would never write one-line compound statements because they want to be able to express their thoughts clearly, individually, and written out in a way that is easy for others to understand, modify and debug.

Best of luck with the project, ~Ray

Explore More ContentExplore courses, solutions, and other research materials related to this topic.