When activating the function “error_reporting(E_ALL);”, warnings related to the plugin “User Domain Whitelist” are shown:
Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; HMUserDomainWhitelist has a deprecated constructor in /public_html/xpto.com.br/wp-content/plugins/user-domain-whitelist/user-domain-whitelist.php on line 15
Warning: Cannot modify header information – headers already sent by (output started at /public_html/xpto.com.br/wp-content/plugins/user-domain-whitelist/user-domain-whitelist.php:15) in /public_html/xpto.com.br/wp-admin/includes/misc.php on line 1126
]]>I have added several domains in the Blacklist mode, yet people can still sign up with them.
e.g. domains
africanmango.info
birthday-party.info
After updating to WP 4.9.1 and setting php to 7.1, the plugin user domain whitelist started to fail.
Fatal error: Uncaught Error: Call to undefined function split() in /public_html/wp-content/plugins/user-domain-whitelist/user-domain-whitelist.php:112
]]>Every time a user informs an email included in the blacklist, it shows a message like this: “ERROR: …” . In Portuguese should be “ERRO: …”, without the last character “R”.
This was supposed to be fixed in version 1.4, but it is still happening. Where should the translation be stored? File with extension ‘*.po’?
]]>Hello.
For some reason, the plugin blocks the check with the domain @inbox.ru although this domain black list was not added.
Prompt, please, can it be deleted from the black list – users can’t register.
]]>I’m using a plugin to create a custom login/registration plugin called WP Modal Login, but the Whitelist doesn’t effect this registration. It only restricts the registration/login from the WordPress default login/registration page. Is there a way to make this plugin restrict the registration on this plugin?
]]>Hello, great plugin. Would it be possible to not only allow registrations from the whitelist, but to automatically activate those users? It would be nice to not have to manually activate members who are already from an approved domain.
]]>Hi,
The whitlising works fine, but there is nog error shown when you try to register with a wrong domain.
]]>Please can stripslashes be added to bad_domain_message when viewing edit form?
]]>Hi, is possible to use this plugin with the sidebar login plugin? is too hard to implement it?
Nice plugin
Thanks
I’m using buddypress and am looking for a solution that will restrict registration to mysite.com domains. This is for an internal social and forum site at a school. It doesn’t seem like this plugin works with buddypress. Is this correct?
If not is there any other way I could manually whitelist a site?
THANK YOU in advance!
Ian
]]>I need to white list the *.ultimatumtheme.com in my wordpress site.
How do I do that?
I have a site that has users from many different domains, but now want to restrict NEW users to one domain. Your whitelist, if implemented, would block all users not from a certain domain from registration.
Does it leave users already registered alone, even if they are from a non-whitelist domain?
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>User Domain Whitelist/Blacklist is not blocking domains from registering. Several of the Chineses and Russian spam bots are using email domains for their spam registrations on our site. I have entered the domains in Blacklist but they are not being blocked. Is v1.4 working with WP 3.5.1?
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>Every time a user informs an email included in the blacklist, it shows a message like this: “ERROR: …” . In Portuguese should be “ERRO: …”, without the last character “R”.
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>Hello,
Can User Domain Whitelist be integrated with another plugin such as Register Plus Redux , so that RPR can be used with all its features and yet some email domains be banned from registration? Just installing the two plugins would do the work?
Thanks
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>Is it possible to integrate the User Domain Whitelist with a Salesforce form? Additionally, if Salesforce integration is not an option, would it be possible to integrate the plugin with a different registration form (eg. not WordPress registration).
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>I’d really like to use this plugin on a multisite install to create a designated white list for EACH multisite.
Is there someway I could modify the code to accomplish this, or is there anyway it could be added to the functionality of the core plugin?
Thanks,
Nick
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>I’m using this plugin on my WP installation which works out of the box.
I have a form on the site which inputs domain names. I want to be able to store these domain names into the plugin’s option_value in the wp_options table. How do I do that using PHP?
This is how the plugin stores the value in the database:
a:4:{s:4:"mode";s:5:"white";s:16:"domain_whitelist";s:62:"facebook.com
.edu
.test
hotmail.com
test.co.uk
test.co.in";s:16:"domain_blacklist";s:0:"";s:18:"bad_domain_message";s:58:"The email address entered is not within an allowed domain.";}The next question is that once the domains are added to this list via a form then how do I change the value of s:62 which changes every time a domain is added/updated/deleted from the list.
I noticed that 62 in “s:62” is the number of characters in the list (and it counts 2 characters for “return”). How do I change this value using PHP or $wpdb in the form when the domains are inserted into the database?
Any help is appreciated.
Cheers
Bhanu Chawla
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>I noticed today that the whitelist only matches on the end of the email string. (This is also true of the blacklist, though that isn’t as critical since at worst it would make registration more exclusive rather than inclusive.)
To test, put example.com into the whitelist and try registering with [email protected] — the plugin allows this registration.
If a malicious user knew one of the whitelisted domains (perhaps revealed in the error message the site admin has set up), it would be a trivial matter to bypass the restriction and gain potentially unlimited registrations by acquiring a domain of the form [random]example.com.
The troublesome code is the substr() on line 128 (and line 115 for the blacklist). It checks back from the end of the string and is limited by the number of characters in the whitelisted domain — so it’s not guaranteed to match every character after the @ in the email address.
There are many possible solutions — one of which could be a regex-based solution for domain matching. You wouldn’t have to get too complicated with it since WordPress has a check built-in to make sure email addresses are well-formed during registration. Here’s a quick example, not guaranteed to be airtight (and overly wordy for clarity)…
$allowed_domain = 'example.com';
$is_valid_email_domain = false;
$registration_email = '[email protected]';
preg_match( '/@(.*)/', $registration_email, $matches );
$registration_email_domain = $matches[1];
if ($registration_email_domain === $allowed_domain) {
$is_valid_email_domain = true;
}
Thanks for your plugin, Warren — it was a very helpful drop-in solution for my site, and I appreciate the effort you’ve put into it!
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>Hello,
I have setup User Domain Whitelist on a WP Multisite installation and Network Activated.
In a subsite I selected Whitelist mode and entered a domain name in the Domain Whitelist box.
However, users are still able to register even with any domain name email address.
Anything I should look for?
[ Signature moderated. ]
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
I have a list of individual email addresses that I need to validate registrations against, does this plugin support that feature or will it only verify the domain segment?
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>I’m using the Social Connect plugin and it seems that it bypasses this plugin. I’d like users to be able to register with their Google account if they are on the whitelist but Social Connect allows anyone to register despite this plugin being installed.
The User Domain Whitelist plugin works for regular registrations but not with registrations through Social Connect. Is there a possible fix or alternative plugin that can whitelist user registrations by email?
Thanks
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>Hello, it′s possible enable registration in BlackList, but automatic delete the user?.
Now the bot/person behind, can′t change the [email protected] for [email protected] They dont now why can login, post etc. Only the admin know the true. ??
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>How to translate the error messages? Is there a way to do using Poedit?
I.E. Every time a user informs an email included in the blacklist, the app shows a message like this: “Error: …”. In Portuguese should be “Erro: …”, but the word Error I didn’t find a way to translate.
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>A domain White list is a great idea, but what I really would love is a domain “black” list. I wish with ALL my heart to be able to black list hotmail.com as a domain email address that users can use to register. I am SO tired of hotmail users spamming double-opt in newsletters.
https://www.ads-software.com/extend/plugins/user-domain-whitelist/
]]>