Software, your way.
How To Get Good Custom Software
(Download)
(PDF)
burger menu icon
WillMaster

WillMaster > LibraryManaging Website Forms

FREE! Coding tips, tricks, and treasures.

Possibilities weekly ezine

Get the weekly email website developers read:

 

Your email address

name@example.com
YES! Send Possibilities every week!

Banning Certain Email Addresses From Forms

Certain email addresses can be banned before the form is submitted.

This means the form submission will not reach the software that the form would submit to. So you don't have to modify that software.

This can come in handy if you keep getting bothered by a certain person using your form in a manner inconsistent with civility. It's easy to add or remove email addresses for banning, or to ban all email addresses @ a specific domain name.

The functionality requires JavaScript.

Here is how it works:

  1. An invisible div contains the email addresses to be banned.

  2. When the form is submitted, JavaScript checks to see if any of the banned email addresses are used in the form's email field.

If there is a match, the form is prevented from submitting.

Emails can be banned by complete email address or by domain name.

Here are examples.

  • When name@example.com is banned, then only name@example.com is banned.

  • When @example.com is banned, then all email addresses to @example.com are banned.

  • When example.com is banned (no leading "@" character), then all email addresses that end with example.com are banned. Each of the following would be banned.

    name@example.com
    name@coinexample.com
    name@books.example.com
    name@books.coinexample.com

Email addresses are case-insensitive. Capital letters are converted to lower-case letters before matches are tested.

Giving Forms Email Banning Functionality

There are 3 steps, all affecting the source code of the web page where the form is located:

  1. Create a div with id="banned-emails-list-div" and CSS style display:none; on the web page.

  2. Publish JavaScript (provided below) on the web page.

  3. Tweak the form to hook it up to the JavaScript.

Creating a div to Contain Banned Email Addresses

The div with your banned email addresses is designed to make it as easy as possible to insert and remove addresses as needed.

There is no JavaScript within this div. Simply type in the addresses or delete addresses already there.

The div has an id="banned-emails-list-div" attribute so the JavaScript can find the addresses and a CSS style display:none; to prevent the div from being published.

Here is the div with 3 example email addresses to ban. 

<div id="banned-emails-list-div" style="display:none;">
one@two.com 
@domain.com 
example.com 
</div>

Review:

  • The first example in the above banned-emails-list-div bans the email address one@two.com.

  • The second example bans all email addresses at @domain.com.

  • The third example bans all email addresses that end with example.com, including subdomains.

Email addresses/domain names in the id="banned-emails-list-div" div may be on the same line or on multiple lines. If more than one email address/domain name is put on a line, separate them with one or more spaces and/or commas.

If the id value banned-emails-list-div is changed, there is a place in the JavaScript where a corresponding change needs to be made. That's so the JavaScript knows the identification of the div.

Put the banned email addresses div anywhere in the source code of the web page, so long as it is somewhere between the <body…> and cancel </body> tags.

The JavaScript

Paste the JavaScript somewhere in the source code of the web page, anywhere that JavaScript can go. Immediately above the cancel </body> tag is good if you don't have somewhere else you prefer it to be.

Here is the JavaScript code. There are two places to edit, which are mentioned below the code. 

<script type="text/javascript">
/* Check Banned Email List
   Version 1.1
   May 31, 2024
   Added @domain name functionality.
   Version 1.0 was released October 19, 2019
   Will Bontrager Software LLC
/*
function CheckBannedEmailList()
{
   var IDofEmailListDiv = "banned-emails-list-div";
   var IDofEmailField = "email-field";
   var addy = document.getElementById(IDofEmailField).value.replace(/^[\s\,]*/,"");
   addy = addy.replace(/[\s\,]*$/,"");
   if( ! addy.length ) { return true; }
   addy = addy.toLowerCase();
   var s = document.getElementById(IDofEmailListDiv).innerHTML.replace(/^[\s\,]*/,"");
   s = s.replace(/[\s\,]*$/,"");
   s = s.toLowerCase();
   var list = s.split(/[,\s]+/);
   var len = list.length;
   for( var i=0; i<len; i++ )
   {
	   list[i] = list[i].toLowerCase();
      if( list[i].match(/^\@/) )
      {
      	s = addy.replace(/^[^\@]+/,"");
         if( list[i] == s ) { return false; }
         continue;
      }
      if( list[i].match(/\@/) )
      {
         if( list[i] == addy ) { return false; }
         continue;
      }
      var ndx = addy.indexOf(list[i]);
      if( ndx < 0 ) { continue; }
      if ( (ndx+list[i].length) == addy.length ) { return false; }
   }
   return true;
}
</script>

Customization notes —

At about lines 11 and 12, you'll see these two lines of JavaScript code. 

var IDofEmailListDiv = "banned-emails-list-div";
var IDofEmailField = "email-field";

banned-emails-list-div is the id value of the div with your banned email addresses. If you change the id value, then the banned-emails-list-div value needs to be changed accordingly.

email-field represents the id value of the form field where the form user types in the email address. Change email-field to the correct id value of that form field. If the form field does not yet have an id value, give it one.

Hooking Up the Form

To hook up the form to the JavaScript, insert an onsubmit attribute into the form's form tag (colored blue in this example). 

<form onsubmit="return CheckBannedEmailList()" method="post" action="script.php">

The attribute tells the form to check the email address in the email address field against the email addresses/domains you have banned. If there is a match, the form won't submit. Otherwise, the form submits normally.

If it is inconvenient to insert the onsubmit attribute into the form's form tag, there is an alternative.

The alternative method to hook up the form to the JavaScript is to insert an onclick attribute into the form's submit button tag (colored blue in this example). 

<input type="submit" onclick="return CheckBannedEmailList()" value="Tap Me">

That works when the submit button is clicked, but is unlikely to work when the form is submitted in other ways, like hitting the "Enter" key of one-text-field forms.

Your implementation is now complete.

Whenever someone (or you, while testing) types in a banned email address or an email address with a banned domain, the form won't submit. Otherwise, the form works as expected.

(This content first appeared in Possibilities newsletter.)

Will Bontrager

Was this article helpful to you?
(anonymous form)

Support This Website

Some of our support is from people like you who see the value of all that's offered for FREE at this website.

"Yes, let me contribute."

Amount (USD):

Tap to Choose
Contribution
Method

All information in WillMaster Library articles is presented AS-IS.

We only suggest and recommend what we believe is of value. As remuneration for the time and research involved to provide quality links, we generally use affiliate links when we can. Whenever we link to something not our own, you should assume they are affiliate links or that we benefit in some way.

More "Managing Website Forms" Articles

Another Form Spam Prevention Technique

Star Rating in a Form

Putting the Form URL Into a Form Field

Other Recent Articles from the Library

Ways to Use QR Codes

Click to Select

The HTML 'article' Tag

Countdown Redirect

Search Files on the Server

How Can We Help You? balloons
How Can We Help You?
bullet Custom Programming
bullet Ready-Made Software
bullet Technical Support
bullet Possibilities Newsletter
bullet Website "How-To" Info
bullet Useful Information List

© 1998-2001 William and Mari Bontrager
© 2001-2011 Bontrager Connection, LLC
© 2011-2024 Will Bontrager Software LLC