Reject Comments Based on Author Email

I know that I can't guarantee emails are valid without signups, but I noticed a problematic user wanting to troll was using @example.com email addresses.

How might I maintain a blacklist of such domains for comment authors? Specifically, how might I reject comments immediately if such a domain is used, notifying the user as such?

A wp_die('you must use a real email'); will likely do the trick, but which filter/when should the check be made?

Topic email comments moderation Wordpress

Category Web

1
answered at

Here's a suggestion for a filter:

/**
 * Filters a comment's approval status before it is set.
 *
 * @since 2.1.0
 * @since 4.9.0 Returning a WP_Error value from the filter will shortcircuit comment insertion and
 *              allow skipping further processing.
 *
 * @param bool|string|WP_Error $approved    The approval status. Accepts 1, 0, 'spam' or WP_Error.
 * @param array                $commentdata Comment data.
 */
$approved = apply_filters( 'pre_comment_approved', $approved, $commentdata );

where we can e.g. try the email domain parser by Gabriel Livan:

add_filter( 'pre_comment_approved', function( $approved, $commentdata ) {
    $domain = substr( strrchr( $commentdata['comment_author_email'], '@' ), 1 );
    $banned_domains = [
        'example.com',
        'example.org',
        'example.net',
        'localhost'
    ];
    if ( in_array( $domain, $banned_domains ) ) {
        wp_die( __( 'Please use a real email!' ) );
        //return new WP_Error( 'comment_real_email', __( 'Please use a real email!' ) );
    }
    return $approved;
}, 10, 2 );

where $banned_domains is the list of email domains we want to stop before it's saved into our database.

Another one that fires earlier is:

/**
 * Filters a comment's data before it is sanitized and inserted into the database.
 *
 * @since 1.5.0
 *
 * @param array $commentdata Comment data.
 */
$commentdata = apply_filters( 'preprocess_comment', $commentdata );

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.