IP Tracking/Account Limiter

Forum
Last Post
Threads / Messages
ipengu

ipengu

Member
Premium Member
Joined
Aug 8, 2011
Messages
50
Points
0
Age
34
Location
Central NY
Mysidian Dollar
5,061
BROKEN AS OF 1.2.3, WORKING ON NEW RELEASE.

So this was the first mod I ever did to this script, simply because I forseen possible abuse (besides fact the donate script is 100% bugged and should be fixed/removed)

MAKE SURE YOU MAKE BACKUPS

To start you need to open phpmyadmin or whatever you use to manage your MySQL database.
Add a new column to YOURPREFIXHERE_users name the column "ip" (Obviously not the " 's only the word ip)

Open: register.php
Find: (Around line 25)
PHP: 
$hidden = $_POST["hidden"];

Add After:
PHP: 
$ip=$_SERVER['REMOTE_ADDR'];

Find: (Around line 57-66)
PHP: 
	//Next check that the username does not already exist...

	$flag = 0;
	$query = "SELECT * FROM ".$prefix."users WHERE username = '$username'";
	$result = @runquery($query);
	$num = @mysql_numrows($result);

	if($num > 0){
	$flag = 1;
	}

Add After:
PHP: 
	//Let's deny them if they already have an account with their current IP - BETA
	
	$ipflag = 0;
	$ipquery = "SELECT * FROM ".$prefix."users WHERE ip = '$ip'";
	$ipresult = @runquery($ipquery);
	$ipnum = @mysql_numrows($ipresult);

	if($ipnum > 0){
	$ipflag = 1;
	}

Find: (Around line 112-116)
PHP: 
	else if($flag > 0){

	//Username already exists
	$article_title = "Your username already exists";
	$article_content = $userexists;	

	}

Add After:
PHP: 
	else if($ipflag > 0){

	//ip already exists
	$article_title = "You already have an account";
	$article_content = $ipexists;	

	}

Find: (Around line 140) NOTE: If you've already done edits to the registration this may not be what you find, that's alright just add , '$ip' to the end of whatever you have as since you just made the ip column it should be the last.
PHP: 
runquery("INSERT INTO ".$prefix."users VALUES ('', '$username', '$pass1','$email','3','1', '$date', '0', '0' ,'0','0','','','','','', '{$GLOBALS['settings']['startmoney']}','','','$avatar', '', '', '', '0', 'Unknown', '')");
Replace with:
PHP: 
runquery("INSERT INTO ".$prefix."users VALUES ('', '$username', '$pass1','$email','3','1', '$date', '0', '0' ,'0','0','','','','','', '{$GLOBALS['settings']['startmoney']}','','','$avatar', '', '', '', '0', 'Unknown', '', '$ip')");

Close + Save register.php

Open: admin.php
Find: (Around line 1570)
PHP: 
<td width='60'><strong>Usergroup:</strong></td>
Add After:
PHP: 
<td width='60'><strong>IP:</strong></td>

Find: (Around line 1611)
PHP: 
$level=@mysql_result($result,$i,"usergroup");
Add After:
PHP: 
$ip=@mysql_result($result,$i,"ip");

Find: (Around line 1619)
PHP: 
<td><center>".$level."</center></td>
Add After:
PHP: 
<td><center>".$ip."</center></td>

Close + Save admin.php

Open: login.php
Find: (Around line 20, still no idea why I did this but eh it's there.)
PHP: 
$password = $_POST["password"];
Add After:
PHP: 
$ip=$_SERVER['REMOTE_ADDR'];

Find:(Around line 68)
PHP: 
$lpass=@mysql_result($result,$i,"password");
Add After:
PHP: 
$lip=@mysql_result($result,$i,"ip");

Find: (Around line 71 ITS RIGHT AFTER THE LAST EDIT)
PHP: 
$i++;
}
Add After:
PHP: 
if ($lip == ""){
mysql_query("UPDATE ".$prefix."users SET ip='".$ip."' WHERE ip=''");  
}

Close + Save login.php

Open: lang/lang.php
Find: (Around line 18)
PHP: 
$userexists = "We're sorry, but the username you have selected already exists.  Please <a href='register.php'>go back</a> and choose another username.";
Add After:
PHP: 
$ipexists = "We're sorry, but you're only allowed one account, our records show you already have an account.  Please <a href='login.php'>login here</a>.";

Close + Save lang/lang.php
 
Last edited:
This is very nice, their isn't a lot of tracking (in this script) to tell if any users are trying to break the system.
 
That's brilliant. Is there a way to make it so a certain IP can only have, say 5 accounts instead of one? Some of my users share IPs with their family.

Also, for the part that says "You already have an account" maybe have a link to the 'forgot password' page.
 
Last edited:
I've been testing these on low member servers, but I imagine this would have to be re-adapted for a high member volume website, at least a one pass through the database, check for multiple IP's if they exist email user a warning to pick an account to keep (freeze both/all accounts linked to same ip so they cant do sudden transfers and such)
 
Also I'm sure its possible by messing with perhaps the ipflag section of register.php

Not 100% positive as I made this.... almost a month or so ago, I was surprised to remember all my edits.
 
I do not understand this:
To start you need to open phpmyadmin or whatever you use to manage your MySQL database.
Add a new column to YOURPREFIXHERE_users name the column "ip"
Click to expand...

What is column ip ? i need help , i no know the columns

Thanks.
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
GeneticAlpha Help with keeping members IP limited to 1 account Questions and Supports 1
KatFennec Account registration issues after Domain name change Questions and Supports 8
S Failed to create forum account :/ Questions and Supports 3
SilverDragonTears Failed to create forum account Questions and Supports 4
tahbikat Would deleting an account on site affect forum integration? Questions and Supports 2

Similar threads

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
  • Forum Contains New Posts
  • Forum Contains No New Posts

Forum statistics

Threads
4,277
Messages
33,118
Members
1,602
Latest member
BerrieMilk
BETA

Latest Threads

Latest Posts

Share

Top