Validation creating user in the backend

administrator/components/com_users/models/user.php

@@ -213,7 +213,28 @@ public function save($data)
 		$user = JUser::getInstance($pk);
 
 		$my = JFactory::getUser();
-		$iAmSuperAdmin = $my->authorise('core.admin');
+		$iAmSuperAdmin = $my->authorise('core.admin');		
+
+		$config = JComponentHelper::getParams('com_users');
+		$whiteListMailDomain = explode("\r\n", $config->get('whiteListMailDomain'));
+		$blackListMailDomain = explode("\r\n", $config->get('blackListMailDomain'));
+
+		$userMailDomain = explode('@', $data['email']);
+		$getTLD = explode('.', $userMailDomain[1]);
+		$userMailTLD = array_pop($getTLD);
+		$needles = array(
+			'userMailDomain'	=> $userMailDomain[1],
+			'userMailTLD'		=> $userMailTLD,
+		);
+
+		// Check if the user mail domain or TLD is disallowed
+		if ((!empty(array_filter($blackListMailDomain)) && !empty(array_intersect($needles, $blackListMailDomain))) 
+			|| (!empty(array_filter($whiteListMailDomain)) && empty(array_intersect($needles, $whiteListMailDomain)))) 
+		{
+			$this->setError(JText::sprintf('COM_USERS_REGISTRATION_USER_MAIL_DOMAIN_NOT_ALLOWED_MESSAGE', $userMailDomain[1]));
+
+			return false;
+		}
 
 		// User cannot modify own user groups
 		if ((int) $user->id == (int) $my->id && !$iAmSuperAdmin && isset($data['groups']))

administrator/language/en-GB/en-GB.com_users.ini

@@ -280,6 +280,7 @@ COM_USERS_OPTION_SELECT_COMPONENT="- Select Component -"
 COM_USERS_OPTION_SELECT_LEVEL_END="- Select End Level -"
 COM_USERS_OPTION_SELECT_LEVEL_START="- Select Start Level -"
 COM_USERS_PASSWORD_RESET_REQUIRED="Password Reset Required"
+COM_USERS_REGISTRATION_USER_MAIL_DOMAIN_NOT_ALLOWED_MESSAGE="Your email domain <strong>%s</strong> is not allowed"
 COM_USERS_REQUIRE_PASSWORD_RESET="Require Password Reset"
 COM_USERS_REVIEW_HEADING="Review Date"
 COM_USERS_SEARCH_ACCESS_LEVELS="Search Viewing Access Levels"