I designed a registration form that users can use for registration.
When the user registers an account, he/she has to provide an email and then I will use ajax call to a server php script called checkavailableemail.php.
If the provided email exists in the DB, then I will transfer back FALSE and the user can see the red warning message and form cannot pass the validation procedure.
Here is the question,
Is there a way that I can prevent spam from getting all available emails in my DB?
For example, the bad guy can design an auto-script that uses some methods to continuously send email validation request. In the end, the guy can get a full list of all my current customer email account.
Thank you
There are gazillions of email IDs possible.
The bad guy need to send gazillion requests to get your current customer email accounts list. So, if you get a lot of requests from a single IP, you can temporarily block that.
So, no need to worry.
[EDIT]: OP Clarification:
You can get the IP of the user by this code:
Keep a list of number of requests made by an IP in last 24 hours, log them into a database table. if number of requests go beyond a certain limit, say 500, you can deny requests from this IP by checking the IP of the user with same code.