PDA

View Full Version : Administrative and Maintenance Tools - Multiple Account Registration Prevention


randominity
19 Sep 2006, 19:48
*Note* This requires the Multiple Account Login Detector (AE Detector) (http://www.vbulletin.org/forum/showthread.php?t=125871) in order to function. Big thanks to MPDev for the AE Detector hack, I have used/modified his code for use in parts of this mod (with permission).

*Note 2* My forum's servers are driving me nuts right now, big load times, etc and I'm about to cut myself from waiting for a page to load - so I haven't thoroughly tested all the new goodies I've added. If you find that something doesn't work please let me know.

Description
When an user registers, this plugin checks for the cookie that the AE Detector sets, if it exists, then this plugin will move the user to a specified usergroup (default is to the (COPPA) Users Awaiting Moderation usergroup). This will now check the user's IP address upon registration, and if it matches any others, it will place them in the Multiple Account (MA) usergroup . Also you have the option to ban the new account if the old account was banned.

You can turn the new features on/off accordingly in the settings area.


Install / Upgrade
Download the attached XML file, and import it at
Admin Control Panel > Plugins & Products > Manage Products > Add/Import Product

Remember to "Allow Overwrite" if you are upgrading.

Mod Info
1 - Query
3 - Phrases
2 - Plugins
0 - Template
0 - Template Edits


v1.0.2

Fixed some major bugs that made the last release basically useless.

v1.0.1

There is now an option prevent account registrations based on IP addresses.
If a banned user attempts to create a new account, the new account will automatically be banned.
Multiple account registrations will now send a PM or make a thread

v1.0.0

Initial beta release



Please click "Install" if you have installed this mod! Thanks!

FleaBag
19 Sep 2006, 20:12
Nice hack! A lot of my users are logging in from college/work, using shared computers. Would be bad for me but I can see the benefit!

randominity
19 Sep 2006, 20:33
Keep in mind this doesn't affect the login process, just the registration. And I guess it doesn't really "prevent" registration, just sends it to a different registration process.

MPDev
19 Sep 2006, 20:40
Nice add-on! What a great idea.

randominity
19 Sep 2006, 20:56
Originally I had it set to "Moderate New Users" for vB, and I would have AE Detector make new threads in a forum for Multiple Accounts it found, but it got tedious having to look for 'em all.

So I finally got fed up and made this ^^

If anyone has any suggestions, I'm all ears... one thing I've noticed that would be helpful is to do the AE Detection process at the same hook as this plugin. For example, since I have AE Detector make a new thread; if a user tries to register, make a new thread saying "userx has tried to register account: usery" or something.

DementedMindz
19 Sep 2006, 21:53
randominity great addon just a quick question say I move them to banned usergroup, will it only move the name just registering or both names that match?

Peter_Rosado
19 Sep 2006, 21:59
I guess this doesn't work in 3.5.5 right? :(

randominity
19 Sep 2006, 22:16
randominity great addon just a quick question say I move them to banned usergroup, will it only move the name just registering or both names that match?

just the name registering.

and I will post a 3.5.x version of the script in a little bit.

Snake
20 Sep 2006, 11:03
Excellent! I thank you for making this. :)

Nathan2006
20 Sep 2006, 19:45
Im going to try this :)

Thank you randominity

Install

Quarterbore
20 Sep 2006, 19:57
I had a major problem with the original hack as I did a site upgrade using Impex and MOST of my member's userid shifted. So, using this, I should be able to prevent these members from registereing unless they are clever enough to clear the cookies in their browser or register from a second PC that they had not previously logged in from...

I'll have to try it!

Works great even with my issues with duplicate IDs...

The only addition I would like to see is an option to send a PM or start a new thread when a member tries to join that was flagged as already as being a member with the other member ID info... The way this works the members is put in the moderated list but there is no easy way to know it is there or why.

Quarterbore
20 Sep 2006, 21:33
Woot... It works Now!!! I really needed this... I will leave it between the two coders that made the hacks to decide who deserves the credit as I just slapped the two pieces together....


//if the cookie exists then we know that the user already has an account
if (isset($_COOKIE['IDstack']) && $vbulletin->options['marpon'])
{
//set the usergroup to the one specified in options, or Users Awaiting Moderation
$userdata->set('usergroupid', $vbulletin->options['marpusergroup']);


//Update their ID stack and PM or Post to thread

$idstack = $_COOKIE['IDstack'];

$idstack .= ",{$vbulletin->userinfo['userid']},";
setcookie("IDstack", $idstack, time()+10368000, "/");

$Unums = split(",", $idstack);
$andids = null;
$numvs = 0;

for ($i = 0; $i < (sizeof($Unums)); $i++)
{
if( verify_id('user', $Unums[$i], FALSE, -1, -1) )
{
if (!empty($Unums[$i]) && is_numeric($Unums[$i])) {
$checkuser = $vbulletin->db->query_first("SELECT username FROM " . TABLE_PREFIX . "user WHERE userid={$Unums[$i]}");
if ( !empty($andids) ) $andids .= "and";
$andids .= " ". $checkuser['username'] ." (. $vbulletin->options['bburl'] ."/member.php?u=" . $Unums[$i] . ) ";
$numvs++;
}
}
}


$allowsmilie = '1';
$visible = '1';
//$message = construct_phrase($vbphrase['multiplelogin_alert'], htmlspecialchars_uni($vbulletin->userinfo['username']), $andids);
$message = htmlspecialchars_uni($vbulletin->userinfo['username']) . " seems to be registering a multiple personality using $andids sharing the same computer.";

// get admin users
$adminusers = split(",", $vbulletin->options['ae_adminusers']);
$fromuser = fetch_userinfo($vbulletin->options['ae_sender']);
$subject = $vbulletin->userinfo['username'] . " opened another account";

// create the DM to do error checking and insert the new PM (needs to be here)
$pmdm =& datamanager_init('PM', $vbulletin, ERRTYPE_SILENT);
$ipaddress = $vbulletin->config['ae_adminip'];

if($vbulletin->options['ae_sendpm'] == '1')
{
$pmdm->set('fromuserid', $fromuser['userid']);
$pmdm->set('fromusername', $fromuser['username']);
$pmdm->set_info('reciept', false);
$pmdm->set_info('savecopy', false);
$pmdm->set('title', $subject);
$pmdm->set('message', $message);
$pmdm->set_recipients($vbulletin->options['ae_recipients'], $fromuser['permissions']);
$pmdm->set('dateline', TIMENOW);
$pmdm->save();
}

if($vbulletin->options['ae_startthread'] == '1' AND $vbulletin->options['ae_forumid'])
{
require_once(DIR . '/includes/class_dm_threadpost.php');

// setup variables
$forumid = $vbulletin->options['ae_forumid'];
$threaddm = new vB_DataManager_Thread_FirstPost($vbulletin, ERRTYPE_STANDARD);

// insert thread
$threaddm->do_set('forumid', $forumid);
$threaddm->do_set('userid', $fromuser['userid']);
$threaddm->do_set('username', $fromuser['username']);
$threaddm->do_set('pagetext', $message);
$threaddm->do_set('title', $subject);
$threaddm->do_set('allowsmilie', $allowsmilie);
$threaddm->do_set('visible', $visible);
$tid = $threaddm->save();

require_once(DIR . '/includes/functions_databuild.php');
build_forum_counters($forumid);
}
}


If this was wrong of me to post the code here with the code from the original AE detector mod, send me a PM and I will remove it...

randominity
21 Sep 2006, 02:19
I was gonna do the same thing, just had to study for exams this week ~~

Quarterbore
21 Sep 2006, 03:22
This fixed all my problems...

Now, I need to remove the code from the original hack that posts when they login as with almost 2000-members and about 1500 that have a new userid I got real tired of all the false hits... Now, I get a report when the new account is started and NOT when userids shift because of a site upgrade...

I have tested this quite a bit on my site (my hybrid of the two hacks) and it seems stable on my site and it would report as few as two or as many as I care to create! Simply awsome... Thanks!

DementedMindz
21 Sep 2006, 11:37
strange I had ae go off this morning yet it didnt move the new account into banned usergroup.

viyanali
21 Sep 2006, 17:55
really nice work. think evreyone who uses ae is searching for something like that.
Now my questions:)
is it possible that may a banned user will be put automaticly in the banned group? and a second suggestion(question) the automatic thread creation only works when the user logs out and logs in again. thats a problem because when i have to moderate the user i have to know wich usernames he/she had before. could be there a option to list all usernames from AE like the ipinfo hack.(without searching the threads:)
I think these two options would make this hacks perfect.:)

Quarterbore
21 Sep 2006, 21:05
really nice work. think evreyone who uses ae is searching for something like that.
Now my questions:)
is it possible that may a banned user will be put automaticly in the banned group? and a second suggestion(question) the automatic thread creation only works when the user logs out and logs in again. thats a problem because when i have to moderate the user i have to know wich usernames he/she had before. could be there a option to list all usernames from AE like the ipinfo hack.(without searching the threads:)
I think these two options would make this hacks perfect.:)

The code I posted takes care of the second part... When a person registeres that already has the cookie on their machine they cause the generation of a new thread or PM (I did not test the PM as I have that disabled on my site) and the new thread lists all the accounts that person has.

As for the first question, that is a tougher issue... The cookie does contain an array of userids that the user had logged in with so I guess you could run the values in there against the banned usergroup. If you get a match then you could ban the new userid.. Personally, as long as they can't post they can't do my site too much harm so I am not going to code that myself...

viyanali
22 Sep 2006, 14:56
hmm thx:) that was what i needed..
The only thing is that there is a little bug. Because u hook the registration process location u get for a evrey multiple account registration try a thread wich means when somebody writes the informations and hits register and cant couse of for example wrong image verfication u get a thread opened. If then the user decided not to register u have a wrong thread.. and a second one is if the user trys to register and again for example he hits registration button 3 times couse he wrote always the code false u will get 3 threads and so on. I still use the code u sended but i made a new plugin with that code wich hooks the register_addmember_complete location. So its working without bugs now:)

murrtex
26 Sep 2006, 14:45
when I use firefox I can register from the other browsers..why??

randominity
28 Sep 2006, 18:47
when I use firefox I can register from the other browsers..why??

because it is cookie based, each browser's cookies are different.

Tom1234
28 Sep 2006, 19:19
randominity,

How about incorporating Quarterbore's code (with viyanali's fix to hook the register_addmember_complete location instead) into a new release so we can properly have it post a new thread when the detector is tripped upon registration?

randominity
28 Sep 2006, 19:31
I'm working on this (plus more) as we speak :)

randominity
28 Sep 2006, 23:40
Again, I hate not being able to test all the features, but when I try to refresh a forum I just get a stupid file download dialog and the page refuses to load.

Hopefully everything works, but we all know how coding is :p

Tom1234
29 Sep 2006, 08:57
Again, I hate not being able to test all the features, but when I try to refresh a forum I just get a stupid file download dialog and the page refuses to load.

Hopefully everything works, but we all know how coding is :p

Ummm... are you saying that you have just released a new version here but it's not well tested?

Tom1234
29 Sep 2006, 09:06
I see you have added the following:

* There is now an option prevent account registrations based on IP addresses.

Isn't that capability already built into vBulletin?


* If a banned user attempts to create a new account, the new account will automatically be banned.

Is this configurable? That may not be desirable in the event that a shared computer (such as library) and web browser is used by both a banned user and legit new registrations.


* Multiple account registrations will now send a PM or make a thread

Great. Thanks.

randominity
29 Sep 2006, 15:20
I see you have added the following:

* There is now an option prevent account registrations based on IP addresses.

Isn't that capability already built into vBulletin?


I mean that it looks up the users IP address to see if there is already an account registered with the same IP.

* If a banned user attempts to create a new account, the new account will automatically be banned.

Is this configurable? That may not be desirable in the event that a shared computer (such as library) and web browser is used by both a banned user and legit new registrations.


Yes, all the new features are configurable.

h_kakashi
29 Sep 2006, 16:53
Great Idea and hack :)

DementedMindz
29 Sep 2006, 19:25
Just wondering why doesnt it change the user title if they are moved to banned usergroup? They get banned but there title stays as a regular member.

murrtex
29 Sep 2006, 22:09
sorry randominity it dosent work on me..I think it could be check IP..it would be better ;)
nevermind thanks

CSS59
30 Sep 2006, 00:37
thank you, this will help me a lot

DementedMindz
30 Sep 2006, 01:23
WOW this banned every new member who signed up today
(only since the new update last version worked great). I tried making a name from my girls house which it wouldnt even know my name or ip and it banned it too.

Nathan2006
30 Sep 2006, 02:36
After I installed this a few days of new members and them not posting I sat and wondered what was wrong.

So I had a look around and found all members were placed into email confirm and that was after they had all confirmed there email addresses.

So sorry I had to remove it and all my new members are posting as soon as they have signed up :)

I will still keep an eye on this thread tho ;)

DementedMindz
30 Sep 2006, 04:13
yeah mine would have done the same thing but I move mine to banned I got home with alot of emails asking why they were banned

EasyTarget
30 Sep 2006, 17:31
can you make it so that if it finds the cookie on the machine and the users userid isn't one of the exceptions then it moves them to a usergroup that we specify or just gives them a new error message like "Multiple accounts are disabled. If you are sharing a computer with someone and would like your own account please contact a staff member."

randominity
30 Sep 2006, 17:35
can you make it so that if it finds the cookie on the machine and the users userid isn't one of the exceptions then it moves them to a usergroup that we specify or just gives them a new error message like "Multiple accounts are disabled. If you are sharing a computer with someone and would like your own account please contact a staff member."

o.O that's currently what it does (minus the error message).



working on a fix atm... just gotta test the autoban feature.

EasyTarget
30 Sep 2006, 21:29
sorry, I thought it was ip based. Its uses both I take it.

What about a page like banlist but it shows all users with multiple accounts or whatever? A very useful hack but I really don't want pm's or threads created, I'd much rather be able to see a list of names somewhere.

Peter_Rosado
30 Sep 2006, 23:46
After I installed this a few days of new members and them not posting I sat and wondered what was wrong.

So I had a look around and found all members were placed into email confirm and that was after they had all confirmed there email addresses.

So sorry I had to remove it and all my new members are posting as soon as they have signed up :)

I will still keep an eye on this thread tho ;)
Happened to me too :hurt:

randominity
01 Oct 2006, 21:49
sorry, all problems should be fixed now ^^

murrtex
01 Oct 2006, 22:12
still I can register same IP and from different browsers....

randominity
02 Oct 2006, 05:14
still I can register same IP and from different browsers....

make sure you have the option turned on to prevent registration from same IP addresses.

DementedMindz
06 Oct 2006, 17:58
testing the new version out hopefully it dont auto ban everyone that joins up now since I move everyone with 2 accounts to banned.

randominity
10 Oct 2006, 04:41
has anyone found anymore bugs?

DementedMindz
10 Oct 2006, 06:08
so far so good so no Ihave not found any.

rinkrat
10 Oct 2006, 07:36
Will it ban all aol users since they all use the same ip addresses?

randominity
10 Oct 2006, 15:51
Will it ban all aol users since they all use the same ip addresses?

It doesn't ban users, if they try to register and their IP is already connected with an account, then the account they try to register will be put in a moderation queue for you to approve.

You can turn this option off as well.

DementedMindz
11 Oct 2006, 00:16
I found one bug... when you get this message.. Other users that have the same IP address are: the first username always has /member.php?u=0 which is wrong it should be there userid instead of 0 everytime.

vfxpro
11 Oct 2006, 18:37
installed the hack and waiting to see what happens. Hopefully it'll help curb our multiple account problem.

BTW, anyone know of an easy way to clean out the ol' multiple accounts on a via searchin via IP addess. Is there an easy way to do this in vB?

oldfan
15 Oct 2006, 04:47
just the name registering.

and I will post a 3.5.x version of the script in a little bit.

Still working on it?

oldfan
16 Oct 2006, 23:48
Still working on it?

n/m I just upgraded thanks

randominity
16 Oct 2006, 23:49
Still working on it?

http://www.vbulletin.org/forum/showthread.php?p=1098542#post1098542

Let me know if it installs.

DementedMindz
17 Oct 2006, 00:21
any word on this bug? http://www.vbulletin.org/forum/showpost.php?p=1094279&postcount=46

randominity
17 Oct 2006, 05:49
any word on this bug? http://www.vbulletin.org/forum/showpost.php?p=1094279&postcount=46

yeah for some reason I put the IP checking code before the registration completes, so the new user doesn't have a user id yet... will change it as soon as I can, but got some exams coming up, and right now I'm still recovering from the Bears game WOOO

Dennis B
24 Oct 2006, 00:33
Great work radominity, hope that little bug is fixed as soon as you can. :)

almqdad
28 Oct 2006, 17:25
well this work with 3.5.4 pacefully

it has more feature than the other version

If a banned user attempts to create a new account, the new account will automatically be banned.

gunitman247
23 Nov 2006, 22:48
is there a wasy to totally cancel the registration ie

Our records show that you have already registered under the name of (username). If you have lost your password, click here. If you would like to modify your profile, click here.

richTV
25 Dec 2006, 23:49
Hi.

I'd like to try this out alongside the AE Detector. [which my forum currently uses {vB 3.6.4}]

is this add-on currently available to us the final release?

many thanks for creating this useful tool! :)

richTV

h2ojunkie
05 Jan 2007, 21:20
I've been testing this on my sandbox servers, and the "Automatically Ban Banned Users?" option doesn't seem to have any effect.

Whether I have that turned on or not, it still puts the new account in the COPPA group.

Maybe I'm missing something here, but it seems there is some bug in the system in regards to the banned users.

I see in the plugin code the following to ban a user:


//ban the user
if ($marpautoban)
$userdata->set('usergroupid', $vbulletin->options['marpbannedgroup']);



But, I can find no where to change the setting for what group the marpbannedgroup is. I don't even see that setting being added in the xml install file.

Nathan2006
02 Feb 2007, 10:06
yeah for some reason I put the IP checking code before the registration completes, so the new user doesn't have a user id yet... will change it as soon as I can, but got some exams coming up, and right now I'm still recovering from the Bears game WOOO


Any fix on this?

Thanks :)

Raptor
04 Feb 2007, 00:29
great hack thanks !

HeRmAn'S
24 Mar 2007, 19:15
Thank you randominity and *installed*:up:;)

Bieddos
18 Apr 2007, 19:41
cooool!
Where i can change the language? In phrases not function my translate!

tycity
07 Jun 2007, 07:03
Installed - thanks for the great mod! :)

Bravo
13 Jun 2007, 12:19
I've been testing this on my sandbox servers, and the "Automatically Ban Banned Users?" option doesn't seem to have any effect.

Whether I have that turned on or not, it still puts the new account in the COPPA group.

Maybe I'm missing something here, but it seems there is some bug in the system in regards to the banned users.

I see in the plugin code the following to ban a user:


//ban the user
if ($marpautoban)
$userdata->set('usergroupid', $vbulletin->options['marpbannedgroup']);



But, I can find no where to change the setting for what group the marpbannedgroup is. I don't even see that setting being added in the xml install file.

man oh man, I dont see how I missed that lol. I guess cause it's late and I've been up for like 16hours, but I had the same problem and could not figure out what was going on, I even re-did part of that plugin and nothing worked, but I read your post and checked it and lol your right that group does not exist, well I went back in and fixed it and IT WORKS!!!!!!!

@randominity im sure you know what it is, but if not I'll send you the updated code so you can update the package. or with your permission i'll call this v1.0.3 and re-add it as a Updated/Fixed MOD since your last visit was in May and last post on here was in Oct of 06. and i dont know if you are going to contiune to support this or not. Hopefully you read this. so PM me if you do :)

scan-pa
13 Jun 2007, 13:40
please let us know what code to change, or please upload the fixed version.

Thanks in advanced.

MeMySelfNi
22 Jun 2007, 18:27
which hack does this


XXXXXXX is trying to register a new account. His/her other logins are:XXXXXX2

pcoskat
23 Jun 2007, 19:53
Installed - thanks for the great mod! :)

This mod is one of my FAVS!

Bravo
24 Jun 2007, 12:40
which hack does this




This one does

NeitherSparky
27 Jun 2007, 00:41
Installed; hopefully this works...AE Multiple Login detection is a great mod, been using that forever.

@randominity im sure you know what it is, but if not I'll send you the updated code so you can update the package. or with your permission i'll call this v1.0.3 and re-add it as a Updated/Fixed MOD since your last visit was in May and last post on here was in Oct of 06. and i dont know if you are going to contiune to support this or not. Hopefully you read this. so PM me if you do :)

Wait so, what are we supposed to change?

Bravo
27 Jun 2007, 00:47
Installed; hopefully this works...AE Multiple Login detection is a great mod, been using that forever.



Wait so, what are we supposed to change?

I havent gotten his permission yet to do so =/
not sure what to do if he never replys.

Maybe a MOD or ADMIN can advise me on the process for something like this

NeitherSparky
27 Jun 2007, 00:57
I havent gotten his permission yet to do so =/
not sure what to do if he never replys.

Maybe a MOD or ADMIN can advise me on the process for something like this

Thanks for replying. So what exactly isn't working properly, the 'move banned users to banned group' option? They're being put in the users awaiting moderation group instead, is that right?

Bravo
27 Jun 2007, 01:11
Thanks for replying. So what exactly isn't working properly, the 'move banned users to banned group' option? They're being put in the users awaiting moderation group instead, is that right?

Pretty much yeah

oicyu8chu
30 Jun 2007, 21:19
Nice, cause my first victim today. :)

Choo

hubix
21 Aug 2007, 09:40
Hello,

did anyone fixed this banned user problem?
I've tried it myself, but it didn't work.

TCB
26 Aug 2007, 21:54
yes, I'm also eager for the updated version where automatic banning of re-registering banned members actually work

Veronica Vain
04 Sep 2007, 00:07
Love the Hack Thanks again!

blackvborg
16 Sep 2007, 23:07
does it work with vb 3.6.8?

Thank you!

CoryNickerson
21 Oct 2007, 00:47
this worked once for me but hasnt worked again since. o.O vb 3.6.8

its letting multiple account memebers with the same IP adresses register multiple accounts and doesnt place them in the group i specified... help please? thanks

aquariumpros
23 Oct 2007, 08:09
another useless VB hack... im running 3.6.8 - i uploaded both xml files, and it let me
sign right on up, even though my IP is identical to my admin account, let me right on in..

are there any other methods on detecting multiple account signups?
WOW - love how people like you insult those who are trying to help out the community for FREE.

Seriously - why don't you just go write your own code if you're just going to insult the authors who are at least trying.

And while you're at it; you might want to learn how to read too:
"https://www.vbulletin.org/forum/external/2011/01/24.gif Is in Beta Stage"

aquariumpros
23 Oct 2007, 08:25
Lets see here... Last Update: 01 Oct 2006
yea, im sure hes on the case....

its also just lovely for coders to create this stuff, then drop it...
yea, just great, this guy doesnt care about you, me, this hack
or anything. I see coders make good stuff then disappear all the time.
Exactly.

He/she owes you nothing.

So don't use it.

(BTW - with a few tiny modifications it works great)

onehost
23 Oct 2007, 10:15
then why dont you post an update.

richTV
28 Oct 2007, 03:20
been using this add-on for a while and it's working fine under 3.6.8, tnx!

Because this add-on is connected with the AE Multiple Log-in detector, the threads for the Multiple Account Registration Prevention are placed in the same forum as the AE detector.

would it be possible to have an option in the Admin Panel to output the Multiple Account Registration Prevention in a different forum or subforum of my choosing?

TIA :)

AngelBlue
11 Dec 2007, 01:04
Could this be updated to exclude AOL users from IP checks? I'm getting quite a few false positives from them.

mystic10
10 Jan 2008, 23:42
This Is A Silly Question I Know But HOW Do I Check Which Id Had The Same Ip That Way I Can Check It..please Guide..THANKS IN ADVANCE..ITS AWESOME...I JUST LACK THE KNOWLEDGE OF USING IT PROPERLY SO SIR OR MAM IF U CAN HELP IT WOULD BE MOSTLY APPRECIATED

rwoscott
15 Jan 2008, 02:21
(BTW - with a few tiny modifications it works great)What tiny mods did you make?

It appears that my new reg's aren't being auto banned.

T4doom
22 Jan 2008, 11:11
Very nice mod. I've been having allot of trouble with a certain user constantly ban evading using proxies. Thanks allot for this.

Oh, and for the record, I was the #1337 person to download this mod ^.^

AngelBlue
16 Feb 2008, 01:38
I was getting a lot of false positives from proxy.aol.com users who were registering on my forum, so I modded the code a bit.
The attached version of the code includes a new config option (defaulting to proxy.aol.com) which ignores IP matches from users registering with that hostname/domain. This is a good compromise if you're not comfortable asking AOL users to disable the proxy (http://www.vbulletin.org/forum/showthread.php?t=170616).

Konstantinos
03 Mar 2008, 21:57
Thanks for replying. So what exactly isn't working properly, the 'move banned users to banned group' option? They're being put in the users awaiting moderation group instead, is that right?

same here

pcoskat
31 Mar 2008, 16:31
Any chance of getting this for 3.7 with one modification:

Instead of sending a PM, my preference would be to create a new thread in a designated forum. Possible?

Thanks!

masterross
08 Apr 2008, 19:06
hmmm
ok it detects cookies and IP
but users can just logout or user IE and FF for example
and what about users that came from proxies ?

scan-pa
08 Apr 2008, 19:20
The first half of this program: Multiple Account Login Detector (AE Detector) (http://www.vbulletin.org/forum/showthread.php?t=125871) sets a special cookie that is not deleted on logout and is stored in another section of the PC then the normal cookies are. And the cool thing is this cookie does not get deleted when the user deletes all of the browser cookies, as it is outside the standard cookie folder location.

They can switch browsers all they want. makes no difference.

as for proxies, there is a mod on this site that prevents proxy site use, and allows AOL and dial up users to still gain access. There is also the 2 IP info and Proxy to IP mods that will help with that issue.

There are so many mods available for vB that will help you prevent over 99.5% of user dupe accounts it's not even funny.

Why these features are not standard along with a standard Admin selected Real First and Last name profile fields just kills me.

I have all of these security mods and more and they all work great.

NeitherSparky
23 Apr 2008, 04:33
I just needed to post...we have a troll who just won't go away (he registered his 10th account a few minutes ago) and this add-on to the original mod has been wonderful. He is using AOL proxies about half the time to register and this mod catches him if he happens to use the same one he's used before (yes some legit users are coming up on the list when he registers, and yes some innocent new members may get caught, but I'm willing to take that risk; at least the accounts are frozen until I can get online and investigate. The guy is very easy to spot by his email addies and often his usernames).

So anyways, this mod is great. :) Although as stated before, the guy isn't being put in the banned group, he's always going into the users awaiting moderation group. I can live with that and all, but as is the option to move them to the banned group is basically useless.

fci
27 Apr 2008, 01:37
Found a bug:
if your includes/config.php has its db type set to mysqli, it breaks registration, e.g:
$config['Database']['dbtype'] = 'mysqli';

To fix it, you need to update the register_addmember_process under Manage Products to the following:
//if the cookie exists then we know that the user already has an account
if (isset($_COOKIE['IDstack']) && $vbulletin->options['marpon'])
{
//set the usergroup to the one specified in options, or Users Awaiting Moderation
$userdata->set('usergroupid', $vbulletin->options['marpusergroup']);

//Automatic banning of previously banned users
if ($vbulletin->options['marpautobanon'] && $vbulletin->options['marpbannedgroup'])
{
$marpautoban = FALSE;
if($idstack = explode(',',$_COOKIE['IDstack']))
{
foreach ($idstack as $uid)
{
if (is_numeric($uid))
{
//check to see if any of the multiple users are banned
if (is_member_of(fetch_userinfo($uid), $vbulletin->options['marpbannedgroup']))
$marpautoban = TRUE;
}
}

//ban the user
if ($marpautoban)
$userdata->set('usergroupid', $vbulletin->options['marpbannedgroup']);
}
}
}
//IP based prevention
else
{
if ($vbulletin->options['marpipon'])
{
$ip = $_SERVER['REMOTE_ADDR'];

//check to see if another user exists with the same ip address
if ($multip = $vbulletin->db->query_read("SELECT userid,username,ipaddress FROM " . TABLE_PREFIX . "user WHERE ipaddress='{$ip}'"))
{
if ($vbulletin->db->num_rows($multip) > 1)
{
$userdata->set('usergroupid', $vbulletin->options['marpusergroup']);

$andids = " ". $vbulletin->userinfo['username'] ." (. $vbulletin->options['bburl'] ."/member.php?u=" . $vbulletin->userinfo['userid'] . ) ";
$andusers = $vbulletin->userinfo['username'];

while ($mip = $vbulletin->db->fetch_array($multip))
{
$andids .= ', ' . " ". $mip['username'] ." (. $vbulletin->options['bburl'] ."/member.php?u=" . $mip['userid'] . ) ";
$andusers .= ','.$mip['username'];
}
$message = construct_phrase($vbphrase['marp_ipmessage'], htmlspecialchars_uni($vbulletin->userinfo['username']), $andids, $ip);
$subject = construct_phrase($vbphrase['marp_subject'], htmlspecialchars_uni($vbulletin->userinfo['username']), $andusers, '[IP]');

// get admin users
$adminusers = split(",", $vbulletin->options['ae_adminusers']);
$fromuser = fetch_userinfo($vbulletin->options['ae_sender']);
$allowsmilie = '1';
$visible = '1';

// create the DM to do error checking and insert the new PM (needs to be here)
$pmdm =& datamanager_init('PM', $vbulletin, ERRTYPE_SILENT);
$ipaddress = $vbulletin->config['ae_adminip'];

if($vbulletin->options['ae_sendpm'] == '1')
{
$pmdm->set('fromuserid', $fromuser['userid']);
$pmdm->set('fromusername', $fromuser['username']);
$pmdm->set_info('reciept', false);
$pmdm->set_info('savecopy', false);
$pmdm->set('title', $subject);
$pmdm->set('message', $message);
$pmdm->set_recipients($vbulletin->options['ae_recipients'], $fromuser['permissions']);
$pmdm->set('dateline', TIMENOW);
$pmdm->save();
}

if($vbulletin->options['ae_startthread'] == '1' AND $vbulletin->options['ae_forumid'])
{
require_once(DIR . '/includes/class_dm_threadpost.php');

// setup variables
$forumid = $vbulletin->options['ae_forumid'];
$threaddm = new vB_DataManager_Thread_FirstPost($vbulletin, ERRTYPE_STANDARD);

// insert thread
$threaddm->do_set('forumid', $forumid);
$threaddm->do_set('userid', $fromuser['userid']);
$threaddm->do_set('username', $fromuser['username']);
$threaddm->do_set('pagetext', $message);
$threaddm->do_set('title', $subject);
$threaddm->do_set('allowsmilie', $allowsmilie);
$threaddm->do_set('visible', $visible);
$tid = $threaddm->save();

require_once(DIR . '/includes/functions_databuild.php');
build_forum_counters($forumid);
}
}
}

}
}

it is changing "mysql_num_rows($multip)" to "$vbulletin->db->num_rows($multip)"

-=Leb=-
15 May 2008, 18:46
I think the time has come for a new update. most of us are using VB 3.7 :)

pcoskat
19 May 2008, 17:58
I think the time has come for a new update. most of us are using VB 3.7 :)

Agreed.

Any word on whether or not this will be updated to 3.7?

mark|3
21 May 2008, 06:11
will there be a 3.7 version?

thanks

randominity
26 May 2008, 07:07
Sorry, been MIA again, just upgraded to 3.7, so I'll see about updating this soon ;)

NeitherSparky
27 May 2008, 06:30
Sorry, been MIA again, just upgraded to 3.7, so I'll see about updating this soon ;)

Thanks man!! :)

KURTZ
31 May 2008, 11:23
Sorry, been MIA again, just upgraded to 3.7, so I'll see about updating this soon ;)

superb, i'll waiting for this ...

peterpigman
09 Jun 2008, 19:29
Sorry, been MIA again, just upgraded to 3.7, so I'll see about updating this soon ;)

???

ccunnin71
11 Jun 2008, 16:03
Any word on an update for 3.7?

johnban
17 Jun 2008, 09:36
Hi I installed the hack in 3.7

If I have a user that has logged in and then he is making a new registration then the hack it's catching him.

But ……..

One user has registered into my forum at 16:00 (let’s say) from IP address 11.111.111.111 (of course it is not the real IP). After 30 minutes he is registering again with different username/mail but from the same IP. Shouldn’t be captured by the hack ??

Thanks,

John B.

TFEX
13 Jul 2008, 21:42
Love it, installed :)

Raptor
16 Jul 2008, 17:10
not working for me on vb3.7.2 either

was fantastic on 3.6.8

ibuddy
20 Jul 2008, 19:58
please update to 3.7!

MeMySelfNi
01 Aug 2008, 20:16
its not working on 3.7.0

jGas
12 Aug 2008, 16:24
please someone update it..thanks :D

mrcrx
06 Sep 2008, 17:30
Please update!

fulviods
13 Sep 2008, 17:55
I have this plugin on 3.7.3 and it seems to work

mrcrx
17 Sep 2008, 21:25
I have this plugin on 3.7.3 and it seems to work


Thats intresting. I tried to run it on 3.7.0 and got all sorts of errors.

Milchi
18 Sep 2008, 06:38
I have it on 3.7.3 PL1, works!

duditas
24 Oct 2008, 19:28
I'm trying it and it seems to work. Marked as installed. Thanks :up:

Jah-Hools
30 Oct 2008, 15:46
I want to keep an eye on this and will use it when it gets updated and out of beta?

Thanks!

:up:

The4um
17 Nov 2008, 19:15
some update for this?? on 3.7 doesn't work anymore:(

Kiros72
23 Nov 2008, 15:35
My users are getting errors during registration, except it doesn't happen in all browsers... It seems to only happen in Internet Explorer or other browsers that extend it.

First, this appears at the very top:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in [path]/register.php(385) : eval()'d code on line 44

Then (probably because of the first error), this appears in the vBulletin Message box:
Unable to add cookies, header already sent.
File: /home/domain/public_html/forums/includes/class_core.php
Line: 3242

Can anyone think of a solution? I've really got no idea =[

Duncan Idaha
25 Dec 2008, 21:06
Tried it and it only generated error messages.

AndyJensen
15 Jan 2009, 12:50
Does this work on 3.8.0?

Jah-Hools
15 Jan 2009, 14:09
Would be good if it did!

CORSO
15 Jan 2009, 23:25
Since we updated to 3.8 the new users can not register in the forum and we are getting continuous errors from the database, for example this is the last one received:

Database error in vBulletin 3.8.0:

Invalid SQL:
INSERT INTO logins (userid, username, ipaddress, phpdate, logintype) VALUES (, 'marcelinno', '217.124.30.141', 1232059966, '');

MySQL Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 'marcelinno', '217.124.30.141', 1232059966, '')' at line 1

Error Number : 1064
Request Date : Thursday, January 15th 2009 @ 11:52:46 PM
Error Date : Thursday, January 15th 2009 @ 11:52:47 PM
Script : http://www.c4atreros.com/foroc4/register.php?do=addmember
Referrer : http://www.c4atreros.com/foroc4/register.php?do=register"

Kiros72
16 Jan 2009, 20:51
I had problems with this too, so I developed a modification like it that works just fine with vBulletin 3.7 and 3.8. If you're interested, check out the link in my signature.

CORSO
17 Jan 2009, 11:33
I have desinstaled:

Multiple Account Registration Prevention
Multiple Account Login Detector (AE Detector)

And installed your mod
Multiple Account Detection & Prevention

But the problem persists

CORSO
17 Jan 2009, 12:22
Already I have found the problem

I have desinstaled the mod: Log Logings Hack

And the error has disappeared

Crystal Shards
01 Jun 2009, 18:47
Can you make this so we can check version in ACP? I can't with what I have installed.

TheInsaneManiac
02 Nov 2009, 06:58
3.8 won't send proper PMs with this modification. AE works with PMs, but this mode won't even though I still get PMs from AE lol...

I suggest going with Kiros72 (http://www.vbulletin.org/forum/member.php?u=139456)'s version (http://www.vbulletin.org/forum/showthread.php?t=199077).

Pellonpekko
09 Jun 2011, 17:59
Does this work on vB4.1?
I need this tool