that’s an interesting point.
On email addresses, users do not know each others email addresses from the website, and emails addresses are not shown (unless you are using them as usernames). It is possible that registered user George with email abc@def.com wants to post an anonymous comment alongside his real one. He can post with a username of say Fred, but must enter an email address in the form, so does he use his real one (abc@def.com) or must he enter a made up one? And if you don’t permit a real one from a registered user being used, then as an anonymous poster if I try an email address and it rejects, I know that the user with that email address is already on the site. That user might not want it know that he uses the site, but by testing and telling people that email address exists you are publicizing who is using the site. It’s almost certainly doable, but might have undesired consequences.
On usernames, it is equally possible for one anonymous user to pose as another anonymous user, so it is not just registered users who can get spoofed. Now you could add a test for registered users, and reject these, and that might be sensible, but it is beyond free help, as it would be a chunk of work to do.
If interested in email or username checking, contact me via
http://www.rewweb.co.uk/contact-me/ with a link bacjk to this thread.
