is_email_address_unsafe( string $user_email )

Checks an email address against a list of banned domains.


Description Description

This function checks against the Banned Email Domains list at wp-admin/network/settings.php. The check is only run on self-registrations; user creation at wp-admin/network/users.php bypasses this check.


Parameters Parameters

$user_email

(string) (Required) The email provided by the user at registration.


Top ↑

Return Return

(bool) Returns true when the email address is banned.


Top ↑

Source Source

File: wp-includes/ms-functions.php

function is_email_address_unsafe( $user_email ) {
	$banned_names = get_site_option( 'banned_email_domains' );
	if ( $banned_names && ! is_array( $banned_names ) ) {
		$banned_names = explode( "\n", $banned_names );
	}

	$is_email_address_unsafe = false;

	if ( $banned_names && is_array( $banned_names ) && false !== strpos( $user_email, '@', 1 ) ) {
		$banned_names     = array_map( 'strtolower', $banned_names );
		$normalized_email = strtolower( $user_email );

		list( $email_local_part, $email_domain ) = explode( '@', $normalized_email );

		foreach ( $banned_names as $banned_domain ) {
			if ( ! $banned_domain ) {
				continue;
			}

			if ( $email_domain == $banned_domain ) {
				$is_email_address_unsafe = true;
				break;
			}

			$dotted_domain = ".$banned_domain";
			if ( $dotted_domain === substr( $normalized_email, -strlen( $dotted_domain ) ) ) {
				$is_email_address_unsafe = true;
				break;
			}
		}
	}

	/**
	 * Filters whether an email address is unsafe.
	 *
	 * @since 3.5.0
	 *
	 * @param bool   $is_email_address_unsafe Whether the email address is "unsafe". Default false.
	 * @param string $user_email              User email address.
	 */
	return apply_filters( 'is_email_address_unsafe', $is_email_address_unsafe, $user_email );
}

Top ↑

Changelog Changelog

Changelog
Version Description
MU (3.0.0) Introduced.


Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.