PHP Register Script - Forcing Specific Email Domain

Question

I currently have a registration script on my website that requires the email to be from a specific domain.

So for this example, we will say that the user needs to signup using a @gmail.com email.

$gmail = 'gmail.com';
$emailCheck = strpos($_POST['email'],$gmail);

I then check to make sure the users form submitted email contains gmail.com before proceeding.

if($emailCheck === false) {
        $err[]='Only @gmail.com email addresses are currently accepted.';
}

I only then proceed to continue with the registeration using a check to see if any $err[] have occured.

if(!count($err)) {

        // INSERT IN DB, ETC. //
}

The issue I'm having is that if a user fills out [email protected] the script provides and error. If the user provides [email protected] it works as it should. But if the user just inputs the first part of the email leaving out @gmail.com it also works, running the SQL query and inputing the values into the DB.

Any help would be greatly appreciated!

Given the code you posted, entering an email address that's not containing "gmail.com" will not execute the statements in the second if body, because $err will be set. Are you sure this is the code that's being executed? — CodeCaster
Not really an answer, but I would suggest if(count($err) < 1) and also declaring $err = [] around your $gmail var. — Kai Qing
Fixed it actually, you were right. I was also running a check to make sure it was a valid email address before paying it to if($emailCheck) that was causing the $emailcheck to be skipped not a full email was every submitted! — Jako

cur4so cur4so · Accepted Answer · 2011-12-12T23:01:43

$input=trim($_POST['email']);
if (preg_match("/^\S+@gmail\.com$/i", $input) {

// INSERT IN DB, ETC. //

}
else {
$err[]='Only valid <your_login>@gmail.com email addresses are currently accepted.';
}

PHP Register Script - Forcing Specific Email Domain

1 Answers