A way to restrict users by their email provider?

[pardoido]

Hello!

I wanna know if there is any way to restrict the users that are allowed to register in my site...

for example:

a function that will check if the inserted email is "@allowedemail1.com" or "@allowedemail2.com"
or
check if the "@emailprovider.com" string of the inserted email can be found in a sql table

i dont know any way to make it.

can anyone help me?

if you can't code it for me and the osclass community, please help me by telling me a "study path" to learn this kind of programing skills, because i've downloaded osclass like 2 months ago, and i'm still kinda lost in my "osclass depth customization experience"..
thanks!

[teseo]

Hi,

No need for additional coding, this feature is in the Osclass core already. Admin Dashboard / Users / Ban Rules.

Regards

[pardoido]

hello teseo!! 

thanks for your help here...
but i'm trying to make a closed osclass version for my university..

so my ban rule would be something like this:

Code: [Select]

Ban {Everybody}
Allow if {@university1.com, @university2.com, @university3.com, @university3.com....}

** Allow if {check table with the allowed servers}

OR

Code: [Select]

Allow if {@university1.com, @university2.com, @university3.com, @university3.com....}

i dont know... maybe i can use this for blocking big servers such as gmail, hotmail, yahoo...
but i dont think it would be the best or the smartest way 

is there any way that i can use the Osclass Ban Rules Module to achieve that?

thanks..

[teseo]

Hi,

"@universityX.com" is always same university name+number+.com?

[pardoido]

no.. they're going to be different..

Code: [Select]

@fearp.usp.br
@unip.com.br
@unaerp.com.br
@unicamp.com.br
... etc
and i really dont mind if i'll have to add these values to my sql 1 by 1... 

[teseo]

Oh, you'll need to write all those domains somewhere, don't worry...

It's doable, but as far as I can see not exactly with the current ban rules system, I'll get back to you tomorrow.

Regards

[dev101]

This is just a simple idea, teseo will probably get a better solution, and obviously haven't tested it, however maybe the fastest way to do this is by directly adding the rules inside register.php controller, before even hitting the database or anything.

controller > register.php

Code: [Select]

case('register_post'):  //register user
osc_csrf_check();
if( !osc_users_enabled() ) {
osc_add_flash_error_message( _m('Users are not enabled') );
$this->redirectTo( osc_base_url() );
}

osc_run_hook('before_user_register');

$banned = osc_is_banned(Params::getParam('s_email'));
if($banned==1) {
osc_add_flash_error_message( _m('Your current email is not allowed'));
$this->redirectTo(osc_register_account_url());
} else if($banned==2) {
osc_add_flash_error_message( _m('Your current IP is not allowed'));
$this->redirectTo(osc_register_account_url());
}

///////////////////////////////////////////////////////////////////////////////////////////////
// add your rules here
if(strpos(Params::getParam('s_email'), '@university.org') !== true) {
osc_redirect_to(osc_register_account_url());
}
///////////////////////////////////////////////////////////////////////////////////////////////

// here original code continues...
require_once LIB_PATH . 'osclass/UserActions.php';
...

about 'rules goes here*', this still needs to be constructed.

Drawback is this is a core file, you need the backup it plus disable automatic updates, and be careful about future manual updates, since this file may be changed.

Regards

[teseo]

@dev, lately I'm doing my best to try and find procedures not requiring to change core files. Of course that is not always possible, but in this case it is. You're in the correct spot, but you missed the "backdoor" there, a hook that is called before the checking for ban rules.

Code: [Select]

<?php
function cust_restrict_mail_providers() {

    $authorized_providers = array(
        'fearp.usp.br',
        'unip.com.br',
        'unaerp.com.br',
        'unicamp.com.br'
    );
    $current_provider = preg_replace('/^.*@(.*)$/i', '$1', Params::getParam('s_email'));

    if (!in_array($current_provider, $authorized_providers)) {
        osc_add_flash_error_message( _m('Your current email is not allowed'));
        osc_redirect_to(osc_register_account_url());
    }
}

osc_add_hook('before_user_register', 'cust_restrict_mail_providers');
?>
@pardoido, add this at the very bottom of your theme functions.php (take care not to leave blank lines after this).

You may continue adding mail providers to the array, separated by comma.

Regards

[dev101]

@dev, lately I'm doing my best to try and find procedures not requiring to change core files. Of course that is not always possible, but in this case it is. You're in the correct spot, but you missed the "backdoor" there, a hook that is called before the checking for ban rules.

Hi teseo, so I've noticed

I must congratulate you for a great job you are doing, things that were considered impossible without core mods before are possible thanks to you

Yes, proposed additional code should be put before ban rules check in this particular case, I am using a similar modification where it is required to be placed after, so simply left it there as a quick example.

Regards