• Resolved KKMDK

    (@kkmdk)


    Hi
    It seems to be a fine antiregistrationspam-piece you have made. However, I would like to modify the return, it is a rather brief message, so being able to insert a script for redirecting or a window.alert or whatever would be great. I notice that some basic html is possible to include in the message field; scripts not unfortunately. Any suggestions? Can I alter ban-hammer.php to allow scripts?

    https://www.ads-software.com/plugins/ban-hammer/

Viewing 13 replies - 1 through 13 (of 13 total)
  • Plugin Author Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    What do you want to do with this script? I prevent JS in order to block XSS vulnerabilities (trust me, you want this). But depending on the script, it could be hookable.

    Thread Starter KKMDK

    (@kkmdk)

    I would like to re-direct

    – let’s assume that yahoo.com is blacklisted (with good reason), however, every now and then, there is actually a real user behind a yahoo.com mail address. By having a return that redirects to a self-chosen page it would provide for some opportunity to explain and filter real users back in, so to speak.

    PS, another issue: TLD/wildcards is still not possible, right? – tried these two formats with no success:

    *.remailled.com
    @*.remailled.com

    Plugin Author Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    From the Plugin FAQ:

    You can block by domain by entering @example.com, but you cannot block all .com emails.

    No wildcards.

    You could change the message to this:

    <strong>ERROR</strong>: Your email has been banned from registration. [<a href="https://link.to/my-explanation/">Read more</a>]

    That would keep them on the page, which really I think you’d want. Redirects can be a weird user experience.

    Thread Starter KKMDK

    (@kkmdk)

    I’m aware that putting in a link is an option – however in this particular situation, I actually think that the ‘redirect’ would give the (real) user a better experience (minus 1 click) and also give better opportunity to ‘humanize’ the event – so what I’m looking for is a return that directly opens the page [<a href="https://link.to/my-explanation/">Read more</a>]

    Plugin Author Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    I’ll think about it, but it’s a fairly large feature request and I’m not personally invested in it, so if I have inspiration and time, I’ll mess around with it.

    Of course, pull requests are welcome – https://github.com/ipstenu/ban-hammer

    When WP attempts to register a user, it checks the username and email for being empty or being filled with data it already knows (which is why one email per user). I’ve hooked into that function to say “AND if on this list, also report error.” via WP_Error.

    Now in theory I can extend the check to redirect, but I’m using a return, and I honestly don’t know if putting in a redirect would work properly.

    So. Maybe? If I can and have the time. But this one’s a feature request.

    Thread Starter KKMDK

    (@kkmdk)

    I fully understand. Thanks for considering. I imagined that for instance adding a simple PHP if condition// fopen function could do the job without jeopardizing security.

    Plugin Author Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    You mean ‘If there’s a URL set, redirect there’? It’d have to use wp_redirect() and I’d want to sanitize/escape the URL (unless it was using a page you select from dropdown, but even then has to be validated… People are amazingly imaginative). That’s the easy stuff. The hard part is making sure it’s in the right place in the code, since I don’t want to trigger a redirect before the code has finished running.

    If I trigger it on error but before results are output, what drama will that do to WP?

    Thread Starter KKMDK

    (@kkmdk)

    Ya, that is correct, and the challenging part. It should be triggered after #AND if on this list, also report error -and this could be – I assume – at the same time as the customized error message is generated. That would allow for ticked options of either a customized message or a redirect to chosen URL, selected on the admin settings of the plugin.

    You could try stuffing a <script> tag in the return that uses javascript to redirect. Possibly
    <script>window.location="https://link.to/my-explanation/";</script>
    The obstacle will likely be data sanitization when you try to save that in the personalized message field.

    Thread Starter KKMDK

    (@kkmdk)

    Hi Jamie
    That’s exactly the issue!
    Thanks anyway

    Plugin Author Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    It’s been three months and I’ve sorted out how to do this SAFELY. Putting scripts in like you guys want is an invitation to an XSS attack. Bad days.

    Instead, I have added in a new value for redirect URL. You check the box and you can enter a URL.

    This ALSO comes with an upgrade to the (safer) settings API, so there is a POSSIBILITY of your custom messages getting eaten and reset to default. I tested it a lot and I think I did it smartly? I hope so… Still. This is BETA so there be dragons

    https://github.com/Ipstenu/ban-hammer/tree/REL_2.6

    Download zip – https://github.com/Ipstenu/ban-hammer/archive/REL_2.6.zip
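
Added example, not part of the thread and not Ban Hammer's own code: one way to implement the redirect option discussed above, storing a URL that is sanitized on save and validated again before `wp_safe_redirect()`, rather than a `<script>` in the message field. The option name `example_bh_redirect_url`, the error code and the banned list are hypothetical, and the code assumes it is loaded as a plugin inside WordPress.

```php
<?php
/**
 * Added example (hypothetical names): redirect banned registrations to a
 * validated URL; no JavaScript is ever stored in or emitted from the message.
 */

// Sanitize on save: keep only a well-formed http(s) URL, else store ''.
function example_bh_sanitize_redirect( $input ) {
	$url = esc_url_raw( trim( (string) $input ), array( 'http', 'https' ) );
	return ( '' !== $url && wp_http_validate_url( $url ) ) ? $url : '';
}

// Register the option through the settings API with the sanitize callback.
add_action( 'admin_init', function () {
	register_setting( 'example_bh', 'example_bh_redirect_url', array(
		'type'              => 'string',
		'sanitize_callback' => 'example_bh_sanitize_redirect',
		'default'           => '',
	) );
} );

// Runs while WordPress validates a new registration, before output is sent.
add_filter( 'registration_errors', function ( $errors, $login, $email ) {
	$banned = array( '@example.com' ); // constructed sample list
	$domain = strtolower( (string) strrchr( (string) $email, '@' ) );

	if ( ! in_array( $domain, $banned, true ) ) {
		return $errors; // not banned: leave WordPress's own checks alone
	}

	$url = (string) get_option( 'example_bh_redirect_url', '' );

	// Validate again at use time: the stored value may predate the sanitizer.
	// wp_validate_redirect() returns '' here unless the host is allowed.
	if ( '' !== $url && '' !== wp_validate_redirect( $url, '' ) ) {
		wp_safe_redirect( $url, 302 );
		exit; // stop before any markup is output
	}

	// Fallback: the plain error message, limited to post-safe HTML.
	$errors->add(
		'example_bh_banned',
		wp_kses_post( '<strong>ERROR</strong>: Your email has been banned from registration.' )
	);
	return $errors;
}, 10, 3 );
```

`wp_safe_redirect()` only follows the site's own host by default; an explanation page on another host has to be added through the `allowed_redirect_hosts` filter, otherwise the example falls back to the error message.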

    Plugin Author Ipstenu (Mika Epstein)

    (@ipstenu)

    Advisor and Activist

    I never heard back from you as to if this worked. I plan to release it this month. Hope it does what you wanted!

    Thread Starter KKMDK

    (@kkmdk)

    Sorry for not getting back on this. I have been working on some other projects recently. However, I did try it out on a testing site. Worked well as far as I could conclude. Look forward to your dragon-free update.

  • The topic ‘on return?’ is closed to new replies.