is_email_address_unsafe( string $user_email ): bool

Checks an email address against a list of banned domains.

Description

This function checks against the Banned Email Domains list at wp-admin/network/settings.php. The check is only run on self-registrations; user creation at wp-admin/network/users.php bypasses this check.

Parameters

$user_emailstringrequired
The email provided by the user at registration.

Return

bool True when the email address is banned, false otherwise.

Source

function is_email_address_unsafe( $user_email ) {
	$banned_names = get_site_option( 'banned_email_domains' );
	if ( $banned_names && ! is_array( $banned_names ) ) {
		$banned_names = explode( "\n", $banned_names );
	}

	$is_email_address_unsafe = false;

	if ( $banned_names && is_array( $banned_names ) && false !== strpos( $user_email, '@', 1 ) ) {
		$banned_names     = array_map( 'strtolower', $banned_names );
		$normalized_email = strtolower( $user_email );

		list( $email_local_part, $email_domain ) = explode( '@', $normalized_email );

		foreach ( $banned_names as $banned_domain ) {
			if ( ! $banned_domain ) {
				continue;
			}

			if ( $email_domain === $banned_domain ) {
				$is_email_address_unsafe = true;
				break;
			}

			if ( str_ends_with( $normalized_email, ".$banned_domain" ) ) {
				$is_email_address_unsafe = true;
				break;
			}
		}
	}

	/**
	 * Filters whether an email address is unsafe.
	 *
	 * @since 3.5.0
	 *
	 * @param bool   $is_email_address_unsafe Whether the email address is "unsafe". Default false.
	 * @param string $user_email              User email address.
	 */
	return apply_filters( 'is_email_address_unsafe', $is_email_address_unsafe, $user_email );
}

Hooks

apply_filters( ‘is_email_address_unsafe’, bool $is_email_address_unsafe, string $user_email )

Filters whether an email address is unsafe.

Changelog

VersionDescription
MU (3.0.0)Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.