Restrict spam email M2 Registertation

At the moment, the users can register with the same emails by adding plus(+) Sign to their same email ID, eg:
abc+one@gmail.com, abc+two@gmail.com etc

Would like to know if there is any quick workaround to prevent users from creating such registrations via the Register form of M2

  • Ivan

    Hi Dario !

    You could try adding the following snippet in a MU plugin ( more info about MU plugins is here )

    <?php
    function wpmu_m2_restrict_email( $validation_errors, $obj ) {
    	if ( empty( $validation_errors->errors['emailnotvalid'] ) && ( empty( $obj->email ) || false !== strpos( $obj->email, '+' ) ) ) {
    		$validation_errors->add(
    			'emailnotvalid',
    			__( 'The email address is not valid, sorry.', 'membership2' )
    		);
    	}
    	return $validation_errors;
    }
    add_filter( 'ms_model_membership_create_new_user_validation_errors', 'wpmu_m2_restrict_email', 10, 2 );

    Best,
    Ivan.

  • Adam Czajczyk

    Hi Dario

    I hope you're well today!

    "MU Plugin" stands for "must use" plugin and it's a special kind of WordPress plugin that gets executed each time and doesn't require any activation/installation (and can't also be disabled via the dashboard).

    To use the code that Ivan shared, please follow these steps:

    1. create an empty file with a .php extension (e.g. "stop-membership-spam-registration.php")
    2. Open that file with some "clear text" editor (such as e.g. Notepad++, Sublime or similar)
    3. Copy and paste Ivan's code into it and save the file
    4. Using FTP or cPanel's File Manager upload the file to the

    /wp-content/mu-plugins

    folder of you site's WP install on the server.

    If there's no "mu-plugins" folder inside "wp-content" folder, simply create it. Please note: it has to be "/wp-content/mu-plugins/" and not '/wp-content/plugins/mu-plugins" :slight_smile:

    Nothing more needs to be done and the code will automatically get executed.

    Best regards,
    Adam