From be1cc6c14166be7a7891ae1e921659c8c96816ad Mon Sep 17 00:00:00 2001
From: Retro_Guy <retro.guy@rocksolidbbs.com>
Date: Thu, 10 Nov 2022 07:19:45 +0000
Subject: [PATCH] Validate email domain on registration.

---
 Rocksolid_Light/common/register.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/Rocksolid_Light/common/register.php b/Rocksolid_Light/common/register.php
index 7af7e51..de97eab 100644
--- a/Rocksolid_Light/common/register.php
+++ b/Rocksolid_Light/common/register.php
@@ -185,6 +185,25 @@ if($clean_username != $_POST['username']) {
   exit(2);
 }
 
+if(filter_var($user_email, FILTER_VALIDATE_EMAIL) == false) {
+  echo "Email address format appears incorrect\n";
+  echo '<form name="return1" method="post" action="register.php">';
+  echo '<input name="username" type="hidden" id="username" value="'.$username.'" readonly="readonly">';
+  echo '<input type="submit" name="Submit" value="Back"></td>';
+    exit(2);
+  }
+
+if($CONFIG['verify_email']) {
+  $user_domain = explode('@', $user_email);
+  if((checkdnsrr($user_domain[1].'.', "MX") == false) && (checkdnsrr($user_domain[1].'.', "A") == false)) {
+    echo "Email domain appears to not exist\n";
+    echo '<form name="return1" method="post" action="register.php">';
+    echo '<input name="username" type="hidden" id="username" value="'.$username.'" readonly="readonly">';
+    echo '<input type="submit" name="Submit" value="Back"></td>';
+      exit(2);
+  }
+}
+  
 if (($_POST['password'] !== $_POST['password2']) || $_POST['password'] == '') {
   echo "Your passwords entered do not match\r\n";
   echo '<form name="return1" method="post" action="register.php">';