Providing an invalid e-mail address is one of the most common mistakes people do when shopping online and WooCommerce is not an exception. It is a mistake so common, that at least 1 of the 100 people will make a typo in their e-mail address when filling out a checkout form.
WooCommerce still does not do a proper domain validation for e-mail addresses and that is one of the reasons why WooCommerce store owners often get calls from their customers about order not being placed. All it does is a basic check if the provided e-mail address is in a correct format. On top of that – this also allows malicious bots to place orders or register accounts with non-existant e-mail addresses.
Further down in this article you will find a ready to use solution on how to properly validate customer e-mail addresses on the WooCommerce Checkout and WooCommerce Registration forms (both WooCommerce Classic and WooCommerce Blocks checkout are supported!) – if you’re not into reading, you can jump straight to the solution.
How a proper e-mail validation should work:
- Reduce the chance for user to enter an incorrect e-mail address – make the e-mail field larger, with large enough, easy-to-read text and contrasting colors so it is easy to spot typos.
- Check the entered e-mail address against common syntax errors – make sure it is provided in a proper format (WooCommerce already does that so skip to next step)
- Check the domain of entered e-mail address against whitelist of domain names used by common e-mail providers (e.g. gmail.com, outlook.com, yahoo.com and so on)
- Check the domain of entered e-mail address against blacklist of domain names (e.g. example.com, gnail.com, gmai.com, gail.com, outloo.com and so on). This blacklist is important because for each known e-mail provider there are tons of similar domain names which are active and validity of the entered e-mail address can’t be ensured in other ways. An e-mail address may be valid, but if the domain is similar to a known e-mail provider – it is a high chance that the user has made a typo.
- After the basic validation steps are done – check if the e-mail address domain is active by querying its DNS records. This is also very important when dealing with user made typos.
Code snippet: Additional e-mail validation for WooCommerce checkout and registration forms
Just place this code in your theme functions.php file or add it as a must-use plugin. This code snippet will do additional validation for the e-mail address input fields on WooCommerce checkout and registration forms by checking if a domain of the e-mail provider is valid (whitelist check, blacklist check and validation of domain DNS records).
This code snippet supports both: WooCommerce Classic Checkout and WooCommerce Blocks Checkout forms
//DoInWP - Function to check if e-mail address is valid and reachable
if(!function_exists('dwp_check_if_email_is_valid')) {
function dwp_check_if_email_is_valid($email) {
$email_precheck = !empty($email) && strpos($email, '@') !== false && filter_var($email, FILTER_VALIDATE_EMAIL);
if($email_precheck === FALSE) {
return false;
}
$email_domain = preg_replace('/^.+?@/', '', $email);
$email_domains_whitelist = ['gmail.com', 'yahoo.com', 'outlook.com', 'icloud.com'];
$email_domains_blacklist = ['gmai.com', 'gmeil.com',
'gmail.co', 'gmaii.com', 'gmailc.com', 'gmil.com', 'gmsil.com', 'gnail.com',
'icloudl.com', 'yaho.com', 'example.com'];
if(in_array($email_domain, $email_domains_whitelist)) {
return true;
}
if(in_array($email_domain, $email_domains_blacklist) || (!checkdnsrr($email_domain.'.', 'MX') && !checkdnsrr($email_domain.'.', 'A'))){
return false;
}
return true;
}
}
//DoInWP - E-mail Validation for WooCommerce Classic Checkout
add_action('woocommerce_checkout_process', function() {
if(isset($_POST['billing_email']) && !dwp_check_if_email_is_valid($_POST['billing_email'])) {
wc_add_notice( esc_html__( 'You entered an invalid or non-reachable e-mail address. Please check it and try again.', 'woocommerce' ), 'error' );
}
});
//DoInWP - E-mail Validation for WooCommerce Blocks Checkout
add_action('woocommerce_store_api_checkout_update_order_from_request', function($order, $request) {
$email = $order->get_billing_email();
if(!dwp_check_if_email_is_valid($email)) {
throw new \Automattic\WooCommerce\StoreApi\Exceptions\RouteException(
'woocommerce_rest_checkout_invalid_email_domain',
esc_html__( 'You entered an invalid or non-reachable e-mail address. Please check it and try again.', 'woocommerce' ),
400
);
}
}, 10, 2);
//DoInWP - E-mail Validation on WooCommerce Registration Form
add_filter('woocommerce_registration_errors', function($errors, $username, $email) {
if(empty($email)) {
return $errors;
}
if(!dwp_check_if_email_is_valid($email)) {
$errors->add(
'woocommerce_registration_error_invalid_email_domain',
esc_html__('You entered an invalid or non-reachable e-mail address. Please check it and try again.', 'woocommerce'));
}
return $errors;
}, 10, 3);
One other question I have for you regarding this code.
Does it validate the email as soon as you type it in and tab to the next field or do you have to press CHECHOUT/PLACE ORDER on the checkout page before it does its thing?
It is not working either way for me at the moment unless you have a fix?
I thought it might be the Woocommerce Checkout Manager plugin that was causing the issue but I deactivated it and no difference
This will work only when a submit button is pressed (e.g. Place Order).
Thanks for providing this post and the code.
Unfortunately I tried pasting it into my functions.php file and it did not do anything. Invalid emails were still allowed and I am not sure why. I am not an expert by any means on code snippets so I may not have done something I was supposed to do.
Hey Glenn,
First of all – a big thanks for reaching out and pointing out the problem! 🙂 The solution was a bit outdated and did not include the support for the more-recent WooCommerce Blocks Checkout which was released on November 2023 (it was only working for WooCommerce classic checkout forms). In reply to your comment, I’ve updated the code snippet with more universal solution which support both WooCommerce checkout mechanisms and will validate e-mails also on WooCommerce registration form.