When an email address is of the correct format check if there is an mx record for the domain part. This forces people wanting to trash something in aur to use a domain part with an mx record. This will not stop invalid email, it only adds an extra check and a possible help for typos. Signed-off-by: BlackEagle <ike.devolder@gmail.com> --- web/lib/aur.inc.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index c662b80..48fb860 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -80,7 +80,16 @@ function check_sid($dbh=NULL) { # verify that an email address looks like it is legitimate # function valid_email($addy) { - return (filter_var($addy, FILTER_VALIDATE_EMAIL) !== false); + if (filter_var($addy, FILTER_VALIDATE_EMAIL) === false) { + return false; + } + + $domain = substr($addy, strrpos($addy, '@') + 1); + if (checkdnsrr($domain, 'MX') === false) { + return false; + } + + return true; } # a new seed value for mt_srand() -- 1.7.9.4