Token of Death (cookie ban)
by http://www.shinraonline.com
Version: BETA!

Products: 1
Plugins: 2
Queries: 1 (if the user is in banned group)


THIS IS A BETA... DON'T INSTALL IT...

Really, I mean it. Okay, so it worked on my test forum, but do you really want to be a guinea pig?

Actually, its using the "forumhome_complete" hook to initiate the banning process... I think there's probably a better hook, but I'm not sure where yet.

Sounds cool, does it destroy robots?

Um, no. If a user is banned, it will set a cookie and if they re-register or log onto an alias, they will be auto-banned.


IMPORTANT SIDE NOTE:

If you test this out on your forum, delete the cookie before you log back into your admin account or you will get banned!!

Already locked yourself out? Try these steps by Harmor19
https://vborg.vbsupport.ru/showpost.php?p=1116115&postcount=6

(Next version, I'll add a check so admins are exempt)


Installation:

Step 1: Import product-token_of_death.xml

Step 2: edit the 'Token Of Death: Bake a Cookie!' and change the 8 to your preferred banned usergroup ID. 8 I think is the default.
admincp -> plugin manager -> Token Of Death: Bake a Cookie! (edit)


if (is_member_of($vbulletin->userinfo, 8))



Step 2: edit the 'Token of Death: Stealth Ban!' plugin and change $TODgroup to the usergroup you want to add the user to.
admincp -> plugin manager -> Token of Death: Stealth Ban! (edit)


// This is the usergroup you want to change the user to (banned).
$TODgroup = 10;


Step 3: Take over World!

reserved :D

This should be default. Thanks

Thanks for the hack

Please helpp. I am all user and all admin BANNED.
I am not login.

Please helppp

Log into your FTP
Go to public_html --> forum --> includes
Download "config.php"

Below
<?php

Add
define('DISABLE_HOOKS', true);

Save and Re-upload

Now If you're using Firefox go to Tools --> Options --> Privacy
Click the button that says "Settings". Make sure "Cookies" are ticked and click "OK". Press "OK" again. Close your browser and try going to your site and see if it worked.

For Internet Explorer
Go to Tools --> Internet Options
Click on "Delete Cookies".


Now go into your ACP --> Plugins & Products --> Plugin Manager
Look for "Token Of Death: Bake a Cookie!" and Token of Death: Stealth Ban! (most likely it'll be this one that is causing the problem).

Edit the Plugin named "Token of Death: Stealth Ban" and change "Plugin is Active" to "No".

Edit your 'config.php' file again

Change this
define('DISABLE_HOOKS', true);

To this
//define('DISABLE_HOOKS', true);

Save and Re-upload.

Log into your FTP
Go to public_html --> forum --> includes
Download "config.php"

Below
<?php

Add
define('DISABLE_HOOKS', true);

Save and Re-upload

Now If you're using Firefox go to Tools --> Options --> Privacy
Click the button that says "Settings". Make sure "Cookies" are ticked and click "OK". Press "OK" again. Close your browser and try going to your site and see if it worked.

For Internet Explorer
Go to Tools --> Internet Options
Click on "Delete Cookies".


Now go into your ACP --> Plugins & Products --> Plugin Manager
Look for "Token Of Death: Bake a Cookie!" and Token of Death: Stealth Ban! (most likely it'll be this one that is causing the problem).

Edit the Plugin named "Token of Death: Stealth Ban" and change "Plugin is Active" to "No".

Edit your 'config.php' file again

Change this
define('DISABLE_HOOKS', true);

To this
//define('DISABLE_HOOKS', true);

Save and Re-upload.


Hello
I am all change you to tell.
But not working banned.

Message :

You have been banned for the following reason:
No reason was specified.

Date the ban will be lifted: Never

access your sql through phpmyadmin and enter the banned ip table and remove your ip? Or upload tools.php and reset admin access.

Ok I am coreect with my friend admin password.

But this problem Homepage click and this user root administrator > imported_user carrying. (no ip banned)

// This is the usergroup you want to change the user to (banned).
$TODgroup = 10;
This 10 = imported_user.

I am different admin login with pole admincp login (Dont homepage login) and this groups permission on.

Just now working.

thank you soo much installed

Nice work man!

tried everything not working please help me

Did you edit the usergroup ID's in the two plugins that are added to correspond with your banned usergroup ID's?

i am not able to log in after also i tried everything you said

help me man i am getting many emails from my members asking me an explanation for their banning

common man help me please

yes i did

i did exactly what was told in the mod

well remove or disable the hack for now as per the instruction. You'll need to unban your users. I'll take a look for you when I get home if you send PM me an admin username and login that has access to plugins and products.

how to remove it or disable it

as it`s not allowing me to enter the admincp


Edit : got back my powers :D

the above said method doesn`t work man

Follow the steps here to disable plugins:
https://vborg.vbsupport.ru/showpost.php?p=1116115&postcount=6

Once the plugins are disabled, you can get into the admin and disable this plugin.

I havent tried this out but try saving this code as token-of-life.php and uploading it into your forums folder. This should delete the cookie and change the usergroup from 10 (banned?) to 2 (registered).


<?php

/* ############### TOKEN OF LIFE ############### */

// SET SOME VARIABLES:

$newusergroup = 2; // this should be your registered usergroup, the unbanned group you want to move them to.
$TODgroup = 10; // change to whatever your Token of Death usergroup is or was.


// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);

// ##################### DEFINE IMPORTANT CONSTANTS #######################
// change the line below to the actual filename without ".php" extention.
// the reason for using actual filename without extention as a value of this constant is to ensure uniqueness of the value throughout every PHP file of any given vBulletin installation.

define('THIS_SCRIPT', 'test');

// #################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array();

// get special data templates from the datastore
$specialtemplates = array();

// pre-cache templates used by all actions
$globaltemplates = array(
// change the lines below to the list of actual templates used in the script
'test_mytesttemplate1',
'test_mytesttemplate22',
);

// pre-cache templates used by specific actions
$actiontemplates = array();

// ########################## REQUIRE BACK-END ############################
require_once('./global.php');

// #################### HARD CODE JAVASCRIPT PATHS ########################
$headinclude = str_replace('clientscript', $vbulletin->options['bburl'] . '/clientscript', $headinclude);

// ################################################## ######################
// ######################### START MAIN SCRIPT #################################
// ################################################## ######################

$navbits = array();
// change the line below to contain whatever you want to show in the navbar (title of your custom page)
$navbits[$parent] = 'Token of Life';

$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');


// #################### LETS EAT THE COOKIE AND UNBAN PEOPLE ########################

// We'll change the cookie so it expires at the end of the browser session.
if (is_member_of($vbulletin->userinfo, $TODgroup))
{
vbsetcookie("TOD",0,0);
}

// Lets change the users group

if (is_member_of($vbulletin->userinfo, $TODgroup))
{
$db->query_write("
UPDATE user SET
usergroupid = $newusergroup
WHERE userid = " . $vbulletin->userinfo['userid'] . "
");
}


// change the line below to contain the name of the actual main output template used in your script
//eval('print_output("' . fetch_template('Token_of_Life') . '");');

// No Content Header for Now
header("HTTP/1.0 204 No Content");

?>

how to remove it or disable it

as it`s not allowing me to enter the admincp


sounds like ure havin probs m8...

THIS IS A BETA... DON'T INSTALL IT...

Really, I mean it. Okay, so it worked on my test forum, but do you really want to be a guinea pig?

i read the first bit....didnt you?

Great idea! I'll be keeping an eye on this....

- Justin

Wow this would be really cool..... Please let me know when this is out of beta or installable.. Dont want to be the test monkey :D

Also will this work on 3.5.x ?

how to remove it or disable it

as it`s not allowing me to enter the admincp


Edit : got back my powers :D

the above said method doesn`t work man


hey man i have the same problem how did u solve it help please

anybody please help meh is there anyway to log in to da admin cp

were you guys testing this out on yourselves? I'm not sure why your having these problems.

were you guys testing this out on yourselves? I'm not sure why your having these problems.


hey friend tjnx for tha produck but when i installed the priduct it change mine and all the other members id to group 10 right and i cannot log in to admincp anymore and i triend all the solutuons given but none of them worked for me if you can help me cause my members are goin crazy

Sounds good . but Next version will be great i think :)

Thanks for sharing

So If they cleared their cookies it would reset?

This could become really handy ^^ however a simple clear cookies would stop this from happening, so in a way, the really annoying users would figure this out in no time :/

Nice work tho, it seems really original.

Could you please make an option to connect this to the Miserable users (https://vborg.vbsupport.ru/showthread.php?t=121886) member group? After getting re-banned right away, most banned members will start to think about clearing their cookies. But if a returning banned member is automaticly put into Miserable users (https://vborg.vbsupport.ru/showthread.php?t=121886), then it will just seem like the site is acting weird and is much more fun as well. :)

Tested on a forum and it started banning members for no reason. What is the difference between 'Token Of Death: Bake a Cookie and 'Token of Death: Stealth Ban! settings? should there be a new usergroup created? I set both to 8 (banned)

I started unbanning members and noticed some were being put into the coppa Registation group and still showing members the banned message until I saved them to the registered usergroup again.

This could become really handy ^^ however a simple clear cookies would stop this from happening, so in a way, the really annoying users would figure this out in no time :/

Nice work tho, it seems really original.

Sooo, That clears the cookie bann... eh

im waiting for the new version when are u gunna release it bro??

Could you please make an option to connect this to the Miserable users (https://vborg.vbsupport.ru/showthread.php?t=121886) member group? After getting re-banned right away, most banned members will start to think about clearing their cookies. But if a returning banned member is automaticly put into Miserable users (https://vborg.vbsupport.ru/showthread.php?t=121886), then it will just seem like the site is acting weird and is much more fun as well. :)

I agree...I would love to be able to use this with Paul's fantastic "Miserable Users" hack

I am trying to work on a Mod (hack) that I would like to develop. My mod would display a user's registration IP and E-mail in their profile for Mods and/or Admins only. Mods/Admins could instantly see a user's registration IP & E-mail by clicking on that user's profile without having to log into their ModCP or AdminCP...and would be able to view their E-mail address even if the user chooses to hide it from regular members. Mine really isn't doing anything new, just reorganizing information so it's easier to get. I've have a few people trying to help with mine, I will see what they think about yours, as I feel it could be useful in adding another "layer" of difficulty in stopping trolls/problem posters.

A great example is I have a user that uses anonymous proxies to get back in, I ban his new proxy IP and he changes it. I've also installed Paul M's (I think Paul makes the bulk of the hacks I use! :cool: ) Proxy to Real IP (https://vborg.vbsupport.ru/misc.php?do=producthelp&pid=paulm_20050630) hack, so it's become a fight between he and I over proxies, so adding a cookie might help, even if only temporarily.


My troll spends a good part of his day looking for workable anonymous (I'm not sure he even knows that he needs anonymous proxies, as I think he just sits there going through proxy after proxy, looking for one that works). Even though the probability in the long run may be that he figures out that it's now also a cookie blocking him...I think it would at the very least make it a little more difficult for trolls as it's another "monkey wrench" thrown at them.

Although there is no technique for getting rid of troll and problem posters that is 100% foolproof (when I resorted to putting new members in the moderation queue, he started getting family and friends to register new accounts with valid IPs and E-mails for him, then giving him the new account), but I think each layer combined (while still not 100%) does increase the "hoops" trolls and problem posters must jump through, thus increasing the difficulty level for trolls versus their stubbornness.

Another thought on your mod (hack), or maybe even a completely different one (might be better) altogether, is I had a friend of mine that ran a UBB board and he developed a mod (hack) that checked what port a user was connecting on and the hack blocked all connections to his forums except for port 80 (http). Same problem, even though many proxies connect using port 80, a very large portion of them don't and he was at least able to cut down on the numbers of trolls using proxies by blocking those proxy connections that weren't on port 80. He moved back to Hungary, and I have no way to reach him, but your idea and the other's (like Paul's) would really help turn the table for admins when it comes to fighting trolls/problem posters. I just wish I was a lot better at PHP and could help directly. :ermm:

I will bookmark this thread and I will check back occasionally, or I will PM you or post if I have something useful to contribute. :)

I havent had time to work on this the last few days but due to some of the issues presented, I am thinking of changing the hack so that it adds a cookie and if that cookie is present, it adds to the user to a secondary user group. You could specify that usergroup to be a banned group or a miserable users group. What do you guys think about that?

Incidentally, this hack is open source as in hey just give a line of credit in the post and keep the cool name please kind of way should anyone ever want to add to this.

finman, totally agree, sometimes its just about making them jump through more hoops.

Why not combine this hack with the AE detector? They seem to be doing very simular things. AE only alerts when the same pc/cookie is connected to 2 accounts. ToD will move the 2nd account into a secondary group if the 1st account is banned. Both are very handy features. Can't they be handled by one cookie, instead of two? May be worth while to talk to MDPev.

But to answer your question; moving the 2nd account to an additional user group is a good idea IMO.

awesome idea!

I will check that out
without reading your code.. isn't it possible to just add ( AND $bbuserinfo['usergroupid'] != 6) to an appropriate if condition of your hack to avoid admins getting banned while testing?

'sid

Possible to work on vB 3.5.4 I'm still trying out the code aveon provided.

Looking at your code:

if ($TOD = '1')

It's no wonder that this plugin is banning everyone.

Change it to

if ($TOD == '1')

rofl@people who installed beta software to their main forum, apparently with no db backup, and banned themselves.

This is a great idea and I hope the kinks iron out. We shall be watching your career with great interest, young hack.

As for les miserables integration: miz is a usergroup is it not? Least it was when I installed it! Just have the autoban point to the miz usergroup rather than the banned usergroup. voi, as they say, la. My trolls are well aware of the miz plugin but I bet they would not think of it if their next newly created account suffered the same problem.

Hope to see this actually come to fruition.

Rather than an autoban, I'd like to see a stealth cookie that just alerted admins when people signed up and you had to manually reban them. If you did that, it would take a LONG while before someone figured out a cookie was tipping people off.

Charlemane, you have a devious mind ;) cool idea. You could then give them varying amounts of time and a couple posts before banning them, let them think you are just really clever.

Like described above, the EA detector already does that. ToD adds extra functionality.

sounds like a good idea ;-)

this would replicate an ip ban when you can do an ip ban.

i dont think they would catch on to clearing their cookies.

but i also think having an option to do auto add to miserable users instead of a ban.

they can bypass the banning by using another computer but it will definite be useful.

Miserable is just a group,... you would, in theory, just use your miserable group instead of your outright banned group.

Or, KC suggested, a secondary group that does nothing but lets the admin go in and move them to banned user group when they feel like it.

Is this coming out of Beta for Christmas :)

Looking at your code:

if ($TOD = '1')

It's no wonder that this plugin is banning everyone.

Change it to

if ($TOD == '1')
Does that fix the problem? In other words: if this is changed, is this hack then bug free?

Miserable is just a group,... you would, in theory, just use your miserable group instead of your outright banned group.
Could you please update the hack with this function?

Hi,
I've made some changes to prevent Admins beeing banned (even if they get the cookie, by some reason)
and added a Admin CP Settingsgroup where you can set
- en/disable the hack
- usergroup(s) that will get the cookie
- targetusergroup (if you have a cookie)
- usergroups that will not be changed by the hack (protect mods, s-mods and admins)

So that you can choose to ban or to move to miserable users, to protect your staff, and to quick disable the hack itself.

this is much more comfortable than the original,
but keep in mind, that it's still beta!!

but maybe it'll do for you (as it does for me)

'sid

edit: fixed missing table_prefix

Cool hack. What happens if you unban someone or the ban was only temporary?

sid's needs a . TABLE_PREFIX .

I installed sid's version. It doesn't do a thing.

I can't figure out what the deal is. I fixed the TABLE_PREFIX line, but still nothing. I'm getting the TOS cookie with the banned account, I still have the cookie with the account that wants to be banned, the plugin is on, all the settings look correct, but it's not moving the new user to the banned usergroup.

Do you have SET the usergroup the user is to be moved into?

'sid

ps yupp, i've used Reeve of shinra's code and just added some lines without checking that's why there was no Table_prefix in it (updated).
I don't support that hack .. not even my own xml :D

Yeah, I set TOD_banned_usergroup and TOD_to_usergroup to 8.

Nuttin.

The test account was only banned temporarily, but I don't think that makes a difference. They should still be in usergroup 8.... no?

You should have named it "Cereal Killer" :D

Make your admin user account unalterable in config.php... this way admins can't ban themselves... Should work, though not sure from looking at the xml I will install this just yet.
Is default set up to ban group 8 or 10?

Well, sid's version does not work. An update to this hack is really appreciated, I'm sure that I'm not the only person waiting for non-beta release =)

I've been watching this since I joined here and there has been no progress. I wish the author would update...

Sorry guys, just been busy with real life and this kind of fell by the wayside. I'll see if I can find time over the week to do some small updates and get this ready for prime time.

Sorry guys, just been busy with real life and this kind of fell by the wayside. I'll see if I can find time over the week to do some small updates and get this ready for prime time.


Awesome glad to hear it. Hope things work our ok for you. Good luck look forward to the release.

Any luck with this? It would be really handy to have working about now...

This is a great idea, just pity that it's not functional at the moment :p

all admin and mods are banned help me :((

subscribing, this mod is REALLY useful and should be a default function with VB. I have users that keep creating accounts after they get banned using public proxies and this will help keep them out.

look forward to an update

subscribing, this mod is REALLY useful and should be a default function with VB. I have users that keep creting accounts after they get banned using public proxies and this will help keep them out.

look forward to an update

If your having proxy ip problems, then also try this hack, it works great.

https://vborg.vbsupport.ru/showthread.php?t=147280

It works great with this hack.

Any further news on this? It would just be superb to be able to use as there are no alternatives.

Does anyone know if it does it to ALL banned members, or just permanently? I.e does it unban those who have been given 24 hour bans etc?


Thanks, and good luck with finishing it :)

Harley

Any news on this mod? Looks like it's been deserted.

Ive been super busy with life so I haven't had time to work on this... anyone is free to pick up the project if they like. In answer ot the earlier question (sorry I missed it, its hard to keep track of threads here) it doesn't take temp bans into consideration. Its meant a perm solution for repeat pests.

Rrrr... so you need to add a warning to make sure that in your config file that admin userid should be set to unchangeable, as I just added the mod, it autobanned me (prob due to stealth havn't gotten back in yet) - and when I logged in on a moderator account i keep for backup - it shows the admin is no longer an admin but a normal user - when ido the fix to get back in admin is a normal user not an admin... bah I gotta remember how to reset it...

Does this work alright on version 3.6.8 ?

Anyone know if this mod still works?

Same question here.

Hi,
I've made some changes to prevent Admins beeing banned (even if they get the cookie, by some reason)
and added a Admin CP Settingsgroup where you can set
- en/disable the hack
- usergroup(s) that will get the cookie
- targetusergroup (if you have a cookie)
- usergroups that will not be changed by the hack (protect mods, s-mods and admins)

So that you can choose to ban or to move to miserable users, to protect your staff, and to quick disable the hack itself.

this is much more comfortable than the original,
but keep in mind, that it's still beta!!

but maybe it'll do for you (as it does for me)

'sid

edit: fixed missing table_prefix

I am using your modified version but don't understand what this setting is for in the ACP:
Users of those usergroups
Set, comma seperated, those usergroupids that will cause clones beeing banned too
useful, if you have different banned groups for temporary and permanent bans
example: 8,10

Anyone?

great mod that needs further development :)

anyone willing to pick it up?

anyone still using this?

So is this mod dead?

I installed this and it gave some members admin, uninstalled.