My team and I (also at a university) had the same desire: we wanted to limit user registration to only our domain and subdomains. We also found it tedious and just plain ridiculous to list out all our possible subdomain (and keep track of them) in the Limited Email Domains field in Site Options. So, here is what we did:
First, we decided to use * in the Limited Email Domains field to indicate a wildcard of 1 or more characters.
Example: *.ouruniversity.edu
Next, in wpmu-functions.php, we altered the wpmu_validate_user_signup() function to iterate through the list of valid domains, and parse the characters into a proper PCRE regular expression. (replace . with \. and * with [-_.\a-zA-Z0-9]+ , then add \^ and \ around the new expression.
Example: \^[-_.\a-zA-Z0-9]+\.ouruniversity\.edu\
If our user-supplied $emaildomain matches any of the regex-ified limited email domains, we proceed. Otherwise, we return the "Sorry, that email address is not allowed!" message.
Here is the code:
$limited_email_domains = get_site_option( 'limited_email_domains' );
if ( is_array( $limited_email_domains ) && empty( $limited_email_domains ) == false ) {
$valid_email_domain_check = false;
$emaildomain = substr( $user_email, 1 + strpos( $user_email, '@' ) );
foreach ($limited_email_domains as $limited_email_domain) {
$limited_email_domain = str_replace('.', '\.', $limited_email_domain); // Escape your .s
$limited_email_domain = str_replace('*', '[-_\.a-zA-Z0-9]+', $limited_email_domain); // replace * with REGEX for 1+ occurrence of anything
$limited_email_domain = "/^".$limited_email_domain."/"; // bracket the email with the necessary pattern markings
$valid_email_domain_check = ($valid_email_domain_check or preg_match($limited_email_domain, $emaildomain));
}
if( !$valid_email_domain_check ) {
$errors->add('user_email', __("Sorry, that email address is not allowed!"));
}
}
Admittedly, this modified code takes more work to complete than the in_array() function. But, for our proposes, when we only have a few valid domains, the wildcard feature pays for itself quickly.
If anyone sees a flaw or vulnerability in this code, please let me know. Otherwise, I hope this is helpful to others with similar needs.