It happens all of the time. Some members will make multiple accounts to back their own opinion or get an extra vote in a poll. Here's a modification that will detect and prevent multiple accounts, as well as notify the administration about multiple accounts. Inspiration for this modification came from the work of MPDev (creator of the Multiple Account Login Detector (https://vborg.vbsupport.ru/showthread.php?t=183268)) and randominity (creator of the Multiple Account Registration Prevention (https://vborg.vbsupport.ru/showthread.php?t=127045)). This is basically a combination of those two modifications but with new and improved functionality.

This is not an update to the "Multiple Account Login Detector (AE Detector)" nor is it an update to the "Multiple Account Registration Prevention." If you have either one of these (or both of them) installed, you should uninstall them before installing this modification.

With the initial release of Multiple Account Detection & Prevention, I believe that I have fixed previous bugs/complications as well as improved the efficiency and logic of the code. This is my first publicly released modification. I would appreciate any comments and suggestions!

Confirmed! This works perfectly on all vBulletin 3.6, 3.7, and 3.8 versions.

Unfortunately, I cannot give support right now. I may be able to help periodically, but until my schedule yields some more free time, I won't be much support. Please check back in a week or two.

Basic Details
File Edits: None
Template Edits: None
New Files: 6
Hooks/Plugins: 3
Global Phrases: 36
Install Time: 2 Minutes or Less
Install Difficulty: None, Very Easy

Features and Settings
- Login Detection
- Registration Prevention (Multiple Methods)
- Ignore Child Accounts
- Ignored Users
- Ignored Usergroups
- Ignored ISPs
- Prevention Usergroup
- IP Address Based Prevention
- Extended IP Address Prevention
- IP Address Time Inclusion
- Banned Account Check
- Primary Banned Usergroup
- Cookie Expiration Time
- Cookie Refreshing
- Cookie Name
- Cookie Reset
- Multiple Account Reporter
- Reports via PM
- PM Report Recipients
- Reports via New Thread
- Forum for Report Threads
- Verbose Mode
- BB Codes: LIST, URL, CODE

How it Works
With every newly recognized login/registration, an account-counting cookie is set (or added onto) with the member's User ID. Depending on the settings, Multiple Account Detection & Prevention will analyze the cookie during login/registration to see if there are any multiple accounts.

Login Detection offers cookie-checking and reporting. Registration Prevention offers the same thing, plus more advanced features. First of all, when it prevents an account from registering, it actually moves the registrant to the Prevention Usergroup so that the administration can review the case. This also allows for customized privileges for recognized multiple registrants. Registration Prevention also has IP address detection which finds out just as much information about users. Depending on an administrator's preference, this modification can also reban a new registrant if one of their previous accounts has been banned. In fact, if the administration wishes, multiple registrants can simply be denied registration all together.

Whenever there is a detection/prevention, the modification will report the information to the administration through private messages, a new thread, or both (depending on settings). The Multiple Account Reporter can be any valid user.

Known Issues
- vB Optimise users: Reporting via thread seems to get messed up by vB Optimise, so try reporting via PM instead.
- PhotoPost vBGallery users: The registration handling appears to not work properly when PhotoPost vBGallery is enabled.

From what I can tell, these known clashes have been caused by the other modification's coding. The author of vB Optimise will not even work with me to fix it. Until they improve their coding, I'm not sure if I can do anything about these issues. As far as I know, administrators that do not use the above modifications will not have any problems.

Installation / Upgrade
Unzip the package (madp.zip), upload the files to your forum location, and import the product file (allow overwrite if upgrading). Please read the ReadMe.txt file that is packaged with the modification for more information.

Please remember to mark this modification as installed if you use it!
If you like it, nominate it for the Mod of the Month!

Thank you! :D

History (Changelog)

1.1.3 (March 31, 2009)
- Fixed a bug that caused reporting errors for owners of multiple accounts

1.1.2 (March 31, 2009)
- Fixed a bug that caused some IP address confusion
- Fixed a bug in login that caused reporting for deleted 'ghost' accounts
- Fixed a bug in registration that may have caused false negatives

1.1.1 (January 13, 2009)
- Fixed a bug that caused an "empty" warning when checking Ignored ISPs
- Removed a useless variable in the Login Detection plugin

1.1.0 (December 30, 2008)
- Fixed a bug from stripos() that caused an error within PHP4
- Added BB Code options for reporting
- Added Verbose Mode with bunches of details
- Added Silent Mode
- Added several different methods for Registration Prevention, including disallow
- Added more phrases and made everything 100% phrase-based
- Improved small bits of code to be more efficient
- Revised a few more AdminCP Help Topics
- Revised phrases to be flexible with BB Code options
- Revised line breaks to be correct on Windows servers
- Rearranged the options in AdminCP, reporting settings are now separate

1.0.4 (December 27, 2008)
- Fixed a bug that caused the account-counting cookie to not be set or read properly
- Fixed a bug that caused multiple registrants to be placed in the wrong Usergroup

1.0.3 (December 19, 2008)
- Added 'Cookie Name' setting
- Added AdminCP setting validation code, AdminCP will complain if a setting is bad
- Revised code to be completely compliant with the vBulletin standard
- Rearranged the order of options in AdminCP

1.0.2 (December 19, 2008)
- Fixed an interpretation issue with the & entity, thanks 'ray-'
- Fixed a check that may have let some multiple accounts go undetected during login
- Added 'Ignored ISPs' setting
- Added 'Cookie Reset' option
- Added support for spaces in all 'Ignored' fields
- Added a blank index file (index.html) in the /madp/ directory
- Improved cookie-processing efficiency: replaced strstr() with strpos()/stripos()
- Improved ip-checking function efficiency slightly: removed an unnecessary variable
- Revised a few AdmcinCP Help Topics

1.0.1 (December 16, 2008)
- Fixed a careless mistake that lead to false positives with IP Address Prevention

1.0.0 (December 16, 2008)
- Initial Release

Thank you. Installed.

Installed

Edit:

This is no longer in the beta stage. Please read the Known Issues.

I'm going to give this a go. just wondering tho, is there a way to stop it showing detected accounts from certain IP address. eg. AOL etc.

Thank you, good job!.

I'm going to give this a go. just wondering tho, is there a way to stop it showing detected accounts from certain IP address. eg. AOL etc.

In the current state, no, there's not a way to do that. I'll take that as a suggestion for a future release, however, I can't guarantee anything.

Edit:

By the way, it seems that I did fix the only bug with the 1.0.1 version. I thought that I failed to do so because I accidentally uploaded the fixed version to the wrong directory on my forum. Everyone that has version 1.0.1 (as of now) should be fine. I'll start focusing on coding for suggestions.

I used to use the original Multiple Account Login Detector and unfortunately had to uninstall it as it simply stopped working. So this mod is a god send.

Before diving in I have one question - I would like to run this mod in "silent mode" by this I mean that users will be allowed to create and use multiple accounts but their presence is reported to the mod team by creating a thread is a designated mod forum.

Does this mod allow me to do this?

Marked as installed

could you please add one more feature, can you add some kind of a note in the postbit about the other account the user uses?? and when i come to band someone the same thing appear???? because i have about 20 warning a day about multiple accounts and its a waste of time to check each time if the user has another account when i want to band some1

I'll definitely give this addon a try. Almost anything that sends a forum arzehole to hell is appreaciated.

Trust me, forum trolls and fake user are a plague. ;)

hello. is it bug-free? or a beta?

I used to use the original Multiple Account Login Detector and unfortunately had to uninstall it as it simply stopped working. So this mod is a god send.

Before diving in I have one question - I would like to run this mod in "silent mode" by this I mean that users will be allowed to create and use multiple accounts but their presence is reported to the mod team by creating a thread is a designated mod forum.

Does this mod allow me to do this?

Somewhat, yes. But you have to trick it. For the Login Detection, it will always just notify you - no user will be moved to any Usergroup or anything like that. To trick the Registration Prevention from preventing an account, turn off the Reban option, and set an incorrect Usergroup ID for the Prevention Usergroup (i.e. an ID to a Usergroup that does not exist). This will still allow the modification to report each incident to you, and it will let you know that the Prevention Usergroup is set incorrectly, so the multiple registrant will not be prevented. I may add an option for this later, but since it has this workaround, this will be at a lower priority.

Marked as installed

could you please add one more feature, can you add some kind of a note in the postbit about the other account the user uses?? and when i come to band someone the same thing appear???? because i have about 20 warning a day about multiple accounts and its a waste of time to check each time if the user has another account when i want to band some1

I'll be happy to add in a feature if I can, but I do not understand what you are trying to ask me. Could you please reword your request?

I'll definitely give this addon a try. Almost anything that sends a forum arzehole to hell is appreaciated.

Trust me, forum trolls and fake user are a plague. ;)

I know... Trust me, I know. :)

hello. is it bug-free? or a beta?

Yes, it is bug-free. The latest version (1.0.1) is stable and there are no known issues, and it should work flawlessly.

a German translation, there is not it? :(

The file in the root "Madp" copy? OKEY, you must also create htaccess?

On my site, I have a few members who live in the same address. If they both take turns on their pc, this will detect them & ban them?

Is there a way to stop that from happening. If not, this could be a bad idea for some boards.

Kiros72, please help me.

a German translation, there is not it? :(

I'm sorry, but I do not know German. =[

The file in the root "Madp" copy? OKEY, you must also create htaccess?

Upload the folder called /madp/ to your forum directory (like /forums/madp/). Import the product file (product-kiros_madp.xml), and then configure the options. There is no need (no reason) to create a .htaccess file.

On my site, I have a few members who live in the same address. If they both take turns on their pc, this will detect them & ban them?

Is there a way to stop that from happening. If not, this could be a bad idea for some boards.

When they login, nothing will be done except a detection report. A user will not be affected unless he/she is registering - in which case, the registrant will be moved to the Prevention Usergroup or rebanned if a previous account is found to be banned. Again, the Login Detection will not prevent a user from logging in nor will it ban anyone; it will just notify you through PM/thread depending on your settings.

If you do not want to receive the notifications for those users who use the same computer, then add one of their User ID numbers to the Ignored Users and enable Ignore Child Accounts. With Ignore Child Accounts enabled, as long as a user is seen as a multiple of an ignored user (or Usergroup), the user will be ignored from any kind of detection.

Would that solve your problem? :)

Hello Kiros72.

1st I should therefore have the files directly into the root copy, but the whole folder named "madp"? ok what I understood.

2nd why no htaccess file? dan but everyone can access it or I see this wrong? I do not want a door for a hacker up. do you?

1: Your forum root folder is the root that I'm talking about. If your forums are located at www.example.com/forums/, then the forum root is the /forums/ directory. You must upload all of the contents (files and folders) of the 'upload' folder into your forum root.

2: All files in a default vBulletin installation are publicly accessible. There's no reason to make the files private as long as there is no room for an exploit. Since these files contain the plugin code and nothing more, it would not do anyone any good to try to access these files. Therefore, no .htaccess is needed.

If I hack your (zip) unzip, I get a folder. / Upload / madp.
Do I have this folder in the root add?

www.Forum-Germany.de/Forum/madp/ <- really?

So I copy your php files with others in the root, but the whole folder.

The entire folder should be copied. After the upload, you should have this:

www.forum-germany.de/forum/madp/detection.php
www.forum-germany.de/forum/madp/functions_madp.php
www.forum-germany.de/forum/madp/prevention.php
www.forum-germany.de/forum/madp/set.php

(IF www.forum-germany.de/forum/ is the location of your forums!)

The product file (product-kiros_madp.xml) also needs to be imported through the AdminCP product manager.

Thank you. I have it installed. It has 20 seconds. :D

But I'm still worried that hackers can use this folder to a virus or something in my forum to bring.
If I were a htaccess file would create, how must it look like? can you please tell me? : o I am sorry that I pester.

On my site, I have a few members who live in the same address. If they both take turns on their pc, this will detect them & ban them?

Is there a way to stop that from happening. If not, this could be a bad idea for some boards.




When they login, nothing will be done except a detection report. A user will not be affected unless he/she is registering - in which case, the registrant will be moved to the Prevention Usergroup or rebanned if a previous account is found to be banned. Again, the Login Detection will not prevent a user from logging in nor will it ban anyone; it will just notify you through PM/thread depending on your settings.

If you do not want to receive the notifications for those users who use the same computer, then add one of their User ID numbers to the Ignored Users and enable Ignore Child Accounts. With Ignore Child Accounts enabled, as long as a user is seen as a multiple of an ignored user (or Usergroup), the user will be ignored from any kind of detection.

Would that solve your problem? :)

Yes, that would solve my problem, Thank you.:up:

Thank you. I have it installed. It has 20 seconds. :D

But I'm still worried that hackers can use this folder to a virus or something in my forum to bring.
If I were a htaccess file would create, how must it look like? can you please tell me? : o I am sorry that I pester.

I'm not sure that there would be a way to disallow public access but to allow vBulletin to still use it. This is partially why a .htaccess file is not included in this modification. The majority of the reason is because there is no way that any of these files can be used improperly. None of these files use $_GET, $_REQUEST, or $_POST. Only $_COOKIE is used and that will not even get called if someone manually accesses the files. You should not worry about this.

If you know how, you can simply copy the code from the files to the plugins, but this will make vBulletin consistently use more memory. The modification is coded with files to make everything faster and more efficient. Again, the files do not add any risk because they are only useful if vBulletin uses them - not if some person tries to.

Yes, that would solve my problem, Thank you.:up:

Notta problem. Just remember to mark it as installed for updates ;)

ok I do not install htaccess.

another problem:

I was with the IE as admin and registered with the FF as a user. but there is no double account displayed. pn, etc. did not set anything.

What is the main difference between your mod and this here: https://vborg.vbsupport.ru/showthread.php?t=183268&highlight=Multiple+Login+Detector

That is but in the description. ;)

2nd why no htaccess file? dan but everyone can access it or I see this wrong? I do not want a door for a hacker up. do you?

Why don't you disable open directory listing, or just upload a blank "index.html"-file to this folder?

nobody can access your directory then without knowing the exact filenames.

Nice mod. Found a small error in 2 phrases.
In madp_reg_message:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered. {4}
madp_regip_message:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered with the IP address: {5}. {4}
(I removed the URL-tags in the above to avoid being displayed as links)
The &amp; isn't being parsed. The link will now show up as http://www.forum.com/member.php?do=getinfo&amp;username=ray and it should be http://www.forum.com/member.php?do=getinfo&username=ray

ok I do not install htaccess.

another problem:

I was with the IE as admin and registered with the FF as a user. but there is no double account displayed. pn, etc. did not set anything.

This works with cookies. If you have the IP Address Prevention, it should catch it, but if not, cookies will not carry through different browsers. Also, make sure you don't have your Admin account ignored.

What is the main difference between your mod and this here: https://vborg.vbsupport.ru/showthread.php?t=183268&highlight=Multiple+Login+Detector

The difference is the new and improved features, as well as faster, more efficient code.

Why don't you disable open directory listing, or just upload a blank "index.html"-file to this folder?

nobody can access your directory then without knowing the exact filenames.

Funny you should mention that, I actually thought that I did, but it appears that I only have it on my server... Apparently I forgot to package it. I'll reupload the package with a blank index.html. Of course, the version will remain the same.

Nice mod. Found a small error in 2 phrases.
In madp_reg_message:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered. {4}
madp_regip_message:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered with the IP address: {5}. {4}
(I removed the URL-tags in the above to avoid being displayed as links)
The &amp; isn't being parsed. The link will now show up as http://www.forum.com/member.php?do=getinfo&amp;username=ray and it should be http://www.forum.com/member.php?do=getinfo&username=ray

Excuse me? I do not see any errors in that. If you removed the URL tags, that's modifying my modification, and then that's not my fault. If you keep the URL tags in there, it should display just fine. The &amp; string is the correct way to link anything with & in it - it doesn't break anything. Also, there's no reason to not link to the member info - it just makes things easier.

real? an empty index.html can protect me?

Excuse me? I do not see any errors in that. If you removed the URL tags, that's modifying my modification, and then that's not my fault. If you keep the URL tags in there, it should display just fine. The &amp; string is the correct way to link anything with & in it - it doesn't break anything. Also, there's no reason to not link to the member info - it just makes things easier.
You don't get it. I removed the url-tags, otherwise you won't see that piece of code in my reply. I left it the way it was in the phrase.
Point is, the &amp; is not being parsed. In other words, the link that'll show up in the message or pm will be:
http://www.forum.com/member.php?do=getinfo&amp;username=ray instead of http://www.forum.com/member.php?do=getinfo&username=ray

Not clear enough? Here's how it would be on vb.org:
https://vborg.vbsupport.ru/member.php?do=getinfo&amp;username=ray-

Doesn't work, because the "&" isn't parsed.
What does work is:
https://vborg.vbsupport.ru/member.php?do=getinfo&username=ray-

I have Multiple account login detector (AE Detector) installed.
https://vborg.vbsupport.ru/showthread.php?t=183268
Is this an upgrade for that or a completely different installation?

real? an empty index.html can protect me?

An empty index.html will just ensure that the files are not listed in the /madp/ folder. Nothing bad can come from someone knowing of the files in this folder, but it allows there to be a blank page instead of showing specific files.

You don't get it. I removed the url-tags, otherwise you won't see that piece of code in my reply. I left it the way it was in the phrase.
Point is, the &amp; is not being parsed. In other words, the link that'll show up in the message or pm will be:
http://www.forum.com/member.php?do=getinfo&amp;username=ray instead of http://www.forum.com/member.php?do=getinfo&username=ray

Not clear enough? Here's how it would be on vb.org:
https://vborg.vbsupport.ru/member.php?do=getinfo&amp;username=ray-

Doesn't work, because the "&" isn't parsed.
What does work is:
https://vborg.vbsupport.ru/member.php?do=getinfo&username=ray-

Apparently, we are both right. &amp; is a correct and standard entity, however, it seems that the '&' in '&amp;' is being parsed, so it's turning out to be &amp;amp;.

The &amp; entity is a standard - just like &nsbp; and &copy; - but since this is affecting some browsers like Opera, I'll try it with a blank & in hopes that it will be correctly parsed into &amp;.

Thank you for bringing this up.

I have Multiple account login detector (AE Detector) installed.
https://vborg.vbsupport.ru/showthread.php?t=183268
Is this an upgrade for that or a completely different installation?

This is a completely different modification. You should uninstall the "Multiple account login detector (AE Detector)" and "Multiple Account Registration Prevention" before installing this modification.

OK thank you very much for response.

Great job ..... ANd thanks ,,

I'll be happy to add in a feature if I can, but I do not understand what you are trying to ask me. Could you please reword your request?
sorry my bad,
lets say that alessai1 and alessai2 are sharing the same computer

when i open alessai1 profile it will be great if there is a tab (anything else is fine) that shows alessai2 is sharing the computer with alessai1.....

when i want to give alessai1 infraction a note appears, that tell me alessai2 is sharing the computer with alessai1

another idea (dont really need it) if alessai1 and alessai2 posted in the same thread, a small icon appears on alessai1 postbit that takes you to alessai2 post (and same apply to alessai2 post).

those ideas will make our life much easier because to me right now the addon is useless because i have a big forum, and i cant prevent every one and cant check every thread created by the addon

sorry my bad,
lets say that alessai1 and alessai2 are sharing the same computer

when i open alessai1 profile it will be great if there is a tab (anything else is fine) that shows alessai2 is sharing the computer with alessai1.....

when i want to give alessai1 infraction a note appears, that tell me alessai2 is sharing the computer with alessai1

another idea (dont really need it) if alessai1 and alessai2 posted in the same thread, a small icon appears on alessai1 postbit that takes you to alessai2 post (and same apply to alessai2 post).

those ideas will make our life much easier because to me right now the addon is useless because i have a big forum, and i cant prevent every one and cant check every thread created by the addon

I'm truly sorry, but at this time, I do not think I'll be able to add that. A few reasons: I would like this modification to remain as compatible as possible with previous versions, and there are major profile differences between vBulletin 3.6.x and vBulletin 3.7.x; also, such a feature would require a database table, and I don't want to get into database work if the modification doesn't require it to function properly; and finally, I wouldn't know where to begin with the install/uninstall code for a database-involved modification.

Maybe in time, if I learn more about the differences in vBulletin versions, install/uninstall code for database tables, and SQL, itself. For now, though, my only suggestion is to let the modification prevent multiple registrants, and then prune the multiple accounts on a weekly basis by going to the AdmcinCP home, clicking [View] next to 'Users to Moderate' near the top, and deleting all of them. That should work out nicely as long as you have the Prevention Usergroup set to 4 (Users Awaiting Moderation).

Again, I'm sorry that I cannot add in those features at this time =/

On a brighter note, I'm about to release version 1.0.2, which has a few improvements, a fix for the &amp; interpretation that 'ray-' brought up, and an added feature (Ignored ISPs).

Alright, version 1.0.2 has been released.

The Ignored ISPs feature has not been sufficiently tested, so while I will continue testing it on my forums, I would like feedback on this somewhat-beta feature.

I'll try to have version 1.0.3 out as soon as possible, which will enable administrators to have a custom name for the cookie instead of just IDstack.

Edit:

I have just finished up version 1.0.3 and I plan to release it later today - after a good bit of testing.

Thanks. :)

Version 1.0.3 is now out.

Check the history (found here (https://vborg.vbsupport.ru/showpost.php?p=1687138&postcount=2)) for notes on the changes.

I strongly recommend everyone grab the updated version to take advantage of the Cookie Name feature.

Let me know if there are any problems!

Ok i have installed it and i even create double account juss for the test purpose but nothing happened. I mean it is suppose to send me private message right coz i have create double account.

I wanna test it but dont know proper way to test it. Any suggestions good ppl.

Great Mod, only problem with it is... I have a few members of my forum that share the same computer [for example, User1 might be the mom, User2 might be the dughter, and they use the same IP or same computer, but have different accounts]. Might become a bother if they are very active. Probably the only thing keeping me from fully installing.

Ok i have installed it and i even create double account juss for the test purpose but nothing happened. I mean it is suppose to send me private message right coz i have create double account.

I wanna test it but dont know proper way to test it. Any suggestions good ppl.

You have to configure it properly first. The default settings (like recipients of PMs and forum to post in) are blank and must be set to correct values for a multiple account to be reported. Also, the Multiple Account Reporter must be set to a valid User ID number.

Great Mod, only problem with it is... I have a few members of my forum that share the same computer [for example, User1 might be the mom, User2 might be the dughter, and they use the same IP or same computer, but have different accounts]. Might become a bother if they are very active. Probably the only thing keeping me from fully installing.

I know. I have the same thing on my forum - I'm sure many administrators do. The thing is, this modification utilizes ignore features. You can ignore specific users and ignore their child accounts (if they have any). I suggest taking advantage of that. In your case, if User1, User2, and User3 all use the same computer, then just put User1's ID number on the Ignored Users and enable 'Ignore Child Accounts.' Also, this modification will only report new detections - as long as the account-counting cookie is intact. Anyway, as I just said, I suggest that you use the ignore features in combination with 'Ignore Child Accounts.'

I have to say great job , well done .. Is it possible to have this make a post in some forum when a banned member attempts to join the forum again ..

Well, yes... It should do that automatically if you have Registration Prevention on and Reporting by New Thread is correctly set. In the post, it will have this line if they were rebanned: "One or more linked accounts is currently banned, so the new account has been rebanned."

And remember, everyone... The ignore system takes priority over rebans. If someone is on the ignore list (or if they are a child account of someone on the ignore list and that feature is enabled) then they will ultimately been ignored.

Just to give you guys a heads-up, version 1.0.4 will be coming out soon with the option of verbose mode, which will report the exact information found in the account-counting cookie. I'll explain more about this whenever I release it.

I'm still open to new suggestions.

Well, yes... It should do that automatically if you have Registration Prevention on and Reporting by New Thread is correctly set. In the post, it will have this line if they were rebanned: "One or more linked accounts is currently banned, so the new account has been rebanned."

And remember, everyone... The ignore system takes priority over rebans. If someone is on the ignore list (or if they are a child account of someone on the ignore list and that feature is enabled) then they will ultimately been ignored.

thanks , I'm not too worried about the multi user registration - many members at my forum log in at their friends computer to show them the site - then the friend joins ..

But the auto ban would save me many hrs a day ..

any way to have both or either one work ?

thnaks again .. Total

What do you mean "have both or either one work?"

Open your AdminCP, go to the Multiple Account Detection & Prevention Options, and click on the question marks (help topics) if you want specific information on the options.

Hi Kiros, i installed your mod and tested it.
It detected double accounts, but i'm getting error when new members registering in my forum.

Fatal error: Call to undefined function: stripos() in /home/content/b/1/n/b1n/html/forums/madp/prevention.php on line 94

Any idea why i'm getting this error?

What do you mean "have both or either one work?"

Open your AdminCP, go to the Multiple Account Detection & Prevention Options, and click on the question marks (help topics) if you want specific information on the options.

Thanks that explained things . I did not click on the ? marks ..

could it be possible to get when the re-ban happens , a post is made in a forum .. Like how the Report by New Thread is done for the multiple account detection ?

thnaks again ..

Ok I found this. When i turn on the IP IP Address Prevention

It give same error for new members who try to register, and if this option is turned off , the error disappear on the new register

For me, the add-on nothing. although I logged with 3 Account had with the same browser.

There are no user groups and not ignored.

Hi Kiros, i installed your mod and tested it.
It detected double accounts, but i'm getting error when new members registering in my forum.

Fatal error: Call to undefined function: stripos() in /home/content/b/1/n/b1n/html/forums/madp/prevention.php on line 94

Any idea why i'm getting this error?

Oh dear. I'm sorry. I wasn't thinking when I put stripos() in there. It's only available in PHP5 and up. You probably have PHP4. I'll swap it out with strpos() in the next version.

Edit:

Actually, I might go ahead and make a PHP4 version. Stay tuned. Until I release it, please keep that problematic option disabled. I'm sorry about the inconvenience =/

Thanks that explained things . I did not click on the ? marks ..

could it be possible to get when the re-ban happens , a post is made in a forum .. Like how the Report by New Thread is done for the multiple account detection ?

thnaks again ..

As I've already said, whenever a multiple registrant is rebanned, it says so within the post. As long as you have Registration Prevention enabled, have correct settings for the Report by New Thread, and have the reban settings correct, it will say it within the post. ;)

For me, the add-on nothing. although I logged with 3 Account had with the same browser.

There are no user groups and not ignored.

I have no clue what you said :confused:
Sorry.

Attention: Everyone... The next version (1.0.4) will be released soon, but I am in the middle of moving a website - the same website I develop the modification on. As soon as the site is reopened and the DNS is propagated, I'll be able to release the new version. Please be patient... It might be another couple of days.

Installed!!!
and Nominated! https://vborg.vbsupport.ru/external/2012/01/12.gif

Thanks, I love you too ;)

By the way, I've decided to skip a small improvement and go for a rather decent set of improvements. So version 1.0.4 will not be released. Instead, version 1.1.0 will be :)

I may be ready to release it by later tomorrow night or the day after. Stay tuned.

I really need help. I keep getting spammed and most of it is coming from the same people. I can tell by the same and similar ads. etc. It's gotten way out of hand and it's killing my site.

I've honestly just thought about deleting the forum and letting the spammers win but before I do I thought I'd ask for help.

I tried installing this upgrade in hopes to finally permanately get rid of the returning scum bags that keep hammering my forum with spam.

I'm a complete rookie to installing new products and am having some trouble. I can't get into the "setting group" panel shown in the thread here. Could somebody please give directions to or help a total rookie find the answer to this problem? I feel stupid asking but I really need help.

I have uploaded the file :madp to my forums folder

Then I went to my admincp and imported the product at:
Plugins & Products > Manage Products

It seemed to instal ok but I can't figure out how to get to the settings panel.

OK, I figured it out.

Sorry to bother everybody with my ignorance. :o :o

Alright sir, i will wait for your update :)

mmm, think i am missing something here.

Installed fine, real easy product, but when active and testing, all new registrations ger the same error:

Fatal error: Call to undefined function: stripos() in /mounted-storage/home21b/sub001/sc20647-EJMW/******.com/madp/prevention.php on line 139

any ideas ??

Doh !

Sorry, that will teach me, the answer is right up there just above me !

In version 1.1.0, this will not be a problem. For right now, you can fix this fairly easily. Open /madp/prevention.php in a PLAIN text editor (not Microsoft Word or other rich text editors), search for "stripos" (without quotes), and replace it with "strpos" (without quotes).

Sorry again for the inconvenience. The next version will be out as soon as possible!

Hi Kiros72!!!!

Thanks for this Awesome mod, was pretty useful on the forum, and is giving a lot of interesting info.

I install the 1.0.1 and works great, I upgrade to 1.0.3, but is giving me some errors.

A) The phases {2}, {3}, {4}, etc., change so I have to remake the translation.

B) I have some problems with the reban option. If the user is on the Waiting for Activation Group, the system took the account as banned, and put the account to #1 Group, instead of the Designed Banned Group.

I don't like the option to put the users on the COPPA group, because, I don't want they suspect or know about the system, so I designated the Waiting for Activation Group as the Moderation Group, this could cause the problem I describe on the past paragraph?

By the way, I Nominated the mod to MOTM.

Thanks and Merry Xmas!!! :)

installed it couples of days ago and i must say this is a great mod.thnx won't mind to nominate it for the month.
the ideas in it are according to today's everyday problems,but there is only onething i would like to see change in which is reban the ban user.i think it will be superb addition if the ban user can't register again PERIOD.we can always unban his previous username and notify via e-mail if we want him to join again.
it will be a great help from your side if you can do that.again thanks

Hi Kiros72!!!!

Thanks for this Awesome mod, was pretty useful on the forum, and is giving a lot of interesting info.

I install the 1.0.1 and works great, I upgrade to 1.0.3, but is giving me some errors.

A) The phases {2}, {3}, {4}, etc., change so I have to remake the translation.

B) I have some problems with the reban option. If the user is on the Waiting for Activation Group, the system took the account as banned, and put the account to #1 Group, instead of the Designed Banned Group.

I don't like the option to put the users on the COPPA group, because, I don't want they suspect or know about the system, so I designated the Waiting for Activation Group as the Moderation Group, this could cause the problem I describe on the past paragraph?

By the way, I Nominated the mod to MOTM.

Thanks and Merry Xmas!!! :)

Glad to hear that you like it :)

A) Yes, if you use translations in the phrases, you will have to rebuild them manually since I do not currently have different translations built into the modification. This is just how vBulletin works. Sorry =/

B) I'm going to have to get back to you on this issue. This might be faulty coding on my part, but it might just be the clash of settings. I'll look into this. In the meantime, try to create a new Usergroup and use that as the Prevention Usergroup.

installed it couples of days ago and i must say this is a great mod.thnx won't mind to nominate it for the month.
the ideas in it are according to today's everyday problems,but there is only onething i would like to see change in which is reban the ban user.i think it will be superb addition if the ban user can't register again PERIOD.we can always unban his previous username and notify via e-mail if we want him to join again.
it will be a great help from your side if you can do that.again thanks

I'll take this into account. In version 1.1.0, I may make this an option for both prevention and reban. Thank you for your suggestion! :)

Glad to hear that you like it :)

A) Yes, if you use translations in the phrases, you will have to rebuild them manually since I do not currently have different translations built into the modification. This is just how vBulletin works. Sorry =/

B) I'm going to have to get back to you on this issue. This might be faulty coding on my part, but it might just be the clash of settings. I'll look into this. In the meantime, try to create a new Usergroup and use that as the Prevention Usergroup.



I'll take this into account. In version 1.1.0, I may make this an option for both prevention and reban. Thank you for your suggestion! :)

great and thnx for considering :up:

B) I have some problems with the reban option. If the user is on the Waiting for Activation Group, the system took the account as banned, and put the account to #1 Group, instead of the Designed Banned Group.

I don't like the option to put the users on the COPPA group, because, I don't want they suspect or know about the system, so I designated the Waiting for Activation Group as the Moderation Group, this could cause the problem I describe on the past paragraph

I think that I might know the problem here. Did you not change your Cookie Name after you installed version 1.0.3?

I think that I might know the problem here. Did you not change your Cookie Name after you installed version 1.0.3?

Yep, I change the cookie to a new name, I'll attach a screenshot in that way you can check my settings. And I'll explain why I'm using some of them, maybe could be useful.

Ignored Usergroups: 5,6,7,16
Me and my Trusted Group

Prevention Usergroup: 3 = Group of Users Awaiting email Confirmation
If I validate the account manually (COPPA), some of this users could not Activate they account, so I just prefer to leave the normal vBull process, and when they activate they account pass to the Registered User Group

Extended IP Address Prevention: No
I'll activate it when I'm on attack or have problems on the forum.

Reban Banned Accounts: NO
Deactivated until the new version (1.1.0) arrives. I really like this option.

Forum to Post New Threads: 354
Our moderator sub forum for MADP

Cookie Name: myid (example)
I put a custom name as soon I install the new version (1.0.1 to 1.0.3)

Almost all the options were the same I was using on the 1.0.1, the prevention was working well, but since the upgrade, all the new accounts detected were been moved to User Group 1 (no session/guest) instead of the # 3

I was going to reinstall the 1.0.1, but I gladly work with the current, I only have from 3 to 8 detected accounts per day, so I can still handle the problem :D

Thanks and Happy xMas Day!!! :)

Honestly, I'm still confused as to why it's doing that. Have you tried creating a custom Usergroup and then setting the Prevention Usergroup to its ID?

Honestly, I'm still confused as to why it's doing that. Have you tried creating a custom Usergroup and then setting the Prevention Usergroup to its ID?

Not yet. But I'll do the following:

A) I'll set up the Prevention Usergroup to 4 (COPPA) instead of the 3, to see what happen.
B) If tomorrow the system still failing, I'll remove the mod and reinstall it again, maybe that could help.

I'll let you know the results

By the way, when do you think to release the 1.1.0?

Thanks Kiros!!!

I'll be releasing version 1.1.0 as soon as possible, but I'd like to get all of the bugs worked out prior to doing so. This means that I'll be doing extensive testing.

I think that I can confirm this bug. It seems that I released version 1.0.3 too soon.

I'll release a fix (version 1.0.4) within 24 hours.

After I installed this add-on I try to log into my account or any user I get this code:
Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home/doncubac/public_html/foros/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/doncubac/public_html/foros/includes/functions_login.php(185) : eval()'d code on line 3

Can somebody tell me what I did wrong or what can I do to fix this problem. Thank you for any help. :confused:

After I installed this add-on I try to log into my account or any user I get this code:
Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home/doncubac/public_html/foros/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/doncubac/public_html/foros/includes/functions_login.php(185) : eval()'d code on line 3

Can somebody tell me what I did wrong or what can I do to fix this problem. Thank you for any help. :confused:


did you place the madp folder into your forum root directory ?? For example forum / madp ??

I did 2 steps only

1) Upload the contents of the 'upload' folder to your forum's root.
(If your forum's location is http://www.example.com/forums/, the root is /forums/)

2) Import the product XML file (product-kiros_madp.xml) into the Product Manager within your AdminCP.
(When upgrading, always make sure that Allow Overwrite is set to yes!)

do I have to make any config to make it work?

Very very nice mod :) I hope support continues for many moons to come :D

I did 2 steps only

1) Upload the contents of the 'upload' folder to your forum's root.
(If your forum's location is http://www.example.com/forums/, the root is /forums/)

2) Import the product XML file (product-kiros_madp.xml) into the Product Manager within your AdminCP.
(When upgrading, always make sure that Allow Overwrite is set to yes!)

do I have to make any config to make it work?

No, that should work just fine. But it really looks like you uploaded the /madp/ folder to the wrong place. Either that, or it has the wrong permissions set.

Please be certain that you've uploaded everything INSIDE the 'upload' folder, and not the 'upload' folder, itself. If you go to your forums, you should be able to go to (website.com)/(forums)/madp/index.html and get a blank page without warnings if you have it correctly set up.

No, that should work just fine. But it really looks like you uploaded the /madp/ folder to the wrong place. Either that, or it has the wrong permissions set.

Please be certain that you've uploaded everything INSIDE the 'upload' folder, and not the 'upload' folder, itself. If you go to your forums, you should be able to go to (website.com)/(forums)/madp/index.html and get a blank page without warnings if you have it correctly set up.


I have solved my problem thank you very much :up :;)

I think that I can confirm this bug. It seems that I released version 1.0.3 too soon.

I'll release a fix (version 1.0.4) within 24 hours.

Hi Kiros!!!

Version 1.0.4 Installed, I should have some fishes on the MADP in around 24 hours. I let you know the results. I setup the Prevention Group to 3 again on my settings, so they should activate they account and don't got a clue that has been catch.

Thank you very much for the update.

Best regards!!! :D

Alrighty, cool stuff. Just keep in mind that if you normally have your members confirm their email address, then their Usergroup will be changed to 'Registered Users' whenever they click on the activation link. If you want to prevent this, use a different Prevention Usergroup.

Alrighty, cool stuff. Just keep in mind that if you normally have your members confirm their email address, then their Usergroup will be changed to 'Registered Users' whenever they click on the activation link. If you want to prevent this, use a different Prevention Usergroup.

Hi Kiros!!!

Yep, that's why I setup that Group (3), the users can activate the account, and all works normally, but the Thread send by the MADP alert all the staff and moderators about this account.

I have a secondary configuration, just in case the forum is attacked, in that case the Prevention Usergroup goes to a group with the Miserable Users mod (https://vborg.vbsupport.ru/showthread.php?t=165961), in that way I buy some time.

I think this mod is awesome, save a lot of time to the admin and pretty useful to all size of forums. :D

EDIT: Checked... Tested... All working great. Thanks Kiros.

Hi Kiros , i upgraded it to the newest version and also replaced everything but the problems is still on the new registration

When i turn on the IP IP Address Prevention , it give same error for new members who try to register.
Do i need to edit something?
Fatal error: Call to undefined function: stripos() in /home/content/b/1/n/b1n/html/forums/madp/prevention.php on line 94

Here, Leb. Upload this prevention.php to your /madp/ directory.

This patched up version of the prevention.php does not have the stripos() function call, so it will not glitch on servers with PHP4 installed.

Thank you very much kiros. I will upload the file later and then i will let you know <3

Hi Kiros!!!

I find some problem with the reban option. Is not re banning the users.

As far I remember, the last time the reban was banning users who was on the 3 Usergroup (Waiting email Confirmation), but I have a issue with a user today, and I active the reban option, the system detect the multiple login and list the banned accounts, but didn't send the new registration to the designed Banned Usergroup.

I didn't give him change to activate his account and I banned manually, I don't know if you made some changes and the ban will be applied until he activated the account?

I attach the current setting. Thanks and best regards!!! :D

Yagne, could you attach a screenshot of the report?

I see that if a user makes a NEW usermame, that hte NEw one is placed in the prevention usergroup... whath appens with the user names already made? can those be moved as well?

Unfortunately, no. I'm not sure if I could add that feature in just because that could be very dangerous. Say if you were the only administrator of your forum (or the other administrator was on a long-term vacation). If you forgot to put your User ID or Usergroup ID in the ignored lists and you decided to make a test account, you would be moved from the Administrator Usergroup to the Prevention Usergroup.

It's better to do this kind of thing by hand. I like to contact the person via his or her original account because they sometimes have a good reason to make a second account (such as a family member or friend wanting an account).

Besides, that could actually lead to exploits. I won't go into detail, but trust me, it's better not to have such a feature.

Version 1.1.0 is now available.

I'll have some updated screenshots up soon.

look great and useful...but...is this going to work on vB 3.6.8 version? hope so...

best regards and happy holidays...

;)

It's probably compatible with vBulletin 3.6.x, but no one has confirmed it yet. My advice is to give it a shot if you'd like to, but backup your database before installing it (just in case).

hx for the excellent update. I'm testing it right now, so far everything seems to be running good :)

hi kiros,is this the one in which ban users wont be allow to register?i see the attachment.lets say if i choose move to usergroup except ban user.will this option disallow ban user to register? thanks

i am down with this mod of yours so i am gonna put it for MOTM

Awesome stuff.

Yes, "Move to Usergroup, Except Banned Users" means that regular multiple registrants will still be registered and moved to the Prevention Usergroup, but those registrants that have one or more banned accounts will be completely disallowed from registration - they will receive an error message and no account will be created. "Disallow Registrants, Except Banned Users" is the opposite, where banned users will be rebanned and everyone else that tries to register a multiple account will be disallowed entirely.

Though remember, you must have the Banned Accounts Check enabled and the Primary Banned Usergroup set correctly if you want this modification to correctly identify banned users.

Hello.

Since the update I have 2 options under Settings. Is it correct?

Thank you. :)

Yes, you should have:

Multiple Account Detection & Prevention Options
Multiple Account Detection & Prevention Reporting

The first one controls the main internal operations of the modification, while the other one has all of the reporting settings.

thnx alot kiros for the effort,i m gonna install update n check it out

i dont know if its a problem or i did something wrong in setting.it is showing in the pm notification the same user's name twice

Multiple login detected from ******.

Other recognized logins for this user are:

1. ******

its showing from and other the same name,i thought if same person logs in with a different name then it will report it.any idea,thnx

by the way i did change the cookie name

Could you please enable Verbose Mode, then copy and paste the report here? If you want to censor out the usernames, please just rename them separately (i.e. SomeGuy1, SomeGuy2, etc.) so I can tell if it's identifying reporting incorrectly. You can also censor your Cookie Name if you'd like.

It's probably compatible with vBulletin 3.6.x, but no one has confirmed it yet. My advice is to give it a shot if you'd like to, but backup your database before installing it (just in case).Thanks for this Bro...it looks that it's working okay to my vB 3.6.8 PL2 at this moment...just tested it to my own account...want to test it once more to any of my staff to make sure...

one more thing...
can you throw some point clue about good vb option setup to make it work "no auto action to any users being caught"...but just only to detect them and report to forum report area...i just want to do the action manually maybe...if i'm going to banned that user or not...

looks really great mod...million thanks and happy new year...

;)

Edward, just enable Silent Mode and you should be good to go. It won't matter what Prevention Method you use - as long as it's activated. Same thing with the Login Detection, but that currently only has two options anyway.

Right, so just make sure Silent Mode is enabled, as well as both the Login Detection and an active Prevention Method. It should then just report everything to you rather than taking automated actions.

Wow, I was out a few days and looks like the mod have a lot of activity.

I'll install the new version, as soon I have the reban problem again I put the report based on the new update, (of course if the problem presents again.)

Best regards and thanks for the hard work Kiros!!! :D

NOTE: ---

Could you please enable Verbose Mode, then copy and paste the report here? If you want to censor out the usernames, please just rename them separately (i.e. SomeGuy1, SomeGuy2, etc.) so I can tell if it's identifying reporting incorrectly. You can also censor your Cookie Name if you'd like.

will do that thnx

Wow, I was out a few days and looks like the mod have a lot of activity.

I'll install the new version, as soon I have the reban problem again I put the report based on the new update, (of course if the problem presents again.)

Best regards and thanks for the hard work Kiros!!! :D

NOTE: Please don't use any cookie name, I use one like albumid, but that cause a mess on the Members Album List on Firefox.

I assure you, the Cookie Name feature can be used. It's very unwise to use a Cookie Name that vBulletin uses. Plain and simple, the name shouldn't be leeched off of vBulletin. Of course, that would create conflicts. If you named it something like that, then that was your mistake. Please don't tell my modification's users to not use the feature.

works great sofar thanks for this mod

will do that thnx

hi,kiros i did enable verbose and i noticed yesterday one of my user was logged in with 2 different names but the ip was same,mod didn't notified me about it.anyway this is not my big concerns.the onlything i am concern about is if the banning option will be working to prevent ban users to register.the rest i can live with.thanks

I installed the script uncorrectly :O and now i cant login and im getting this error at login:

Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home/habjay/public_html/forum/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/habjay/public_html/forum/includes/functions_login.php(185) : eval()'d code on line 3


I need help, please dont tell me i cant fix it :(

I assure you, the Cookie Name feature can be used. It's very unwise to use a Cookie Name that vBulletin uses. Plain and simple, the name shouldn't be leeched off of vBulletin. Of course, that would create conflicts. If you named it something like that, then that was your mistake. Please don't tell my modification's users to not use the feature.

mmm... you mistake my comment kiros or I don't make me self clear. sorry about that.

I was telling don't use that kind of names on the cookies name field.
The Legend of that field said:
Enter the account-counting cookie's name. Be sure to not use the forum's cookie prefix or 'bb' in this name.

albumid
A) Don't have a custom vbull cookie prefix, or
B) is bbalbumid
C) albumid name wasn't listed on the browser Site cookie so I think was available.

But that name make a mess on Members Albums using Firefox.

Was only and useful advice about what can happen to avoid other happen the same thing. :(

NOTE: I edit the note on my last post to make it more clear, to avoid problems.

hi,kiros i did enable verbose and i noticed yesterday one of my user was logged in with 2 different names but the ip was same,mod didn't notified me about it.anyway this is not my big concerns.the onlything i am concern about is if the banning option will be working to prevent ban users to register.the rest i can live with.thanks

The Login Detection does not look for IP addresses - the Registration Prevention does.

I installed the script uncorrectly :O and now i cant login and im getting this error at login:

Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home/habjay/public_html/forum/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/habjay/public_html/forum/includes/functions_login.php(185) : eval()'d code on line 3


I need help, please dont tell me i cant fix it :(

It looks like you didn't correctly upload the contents of the 'upload' folder. Make sure you do this so the /madp/ folder will be in your forum root (i.e. www.example.com/forum/madp/).

mmm... you mistake my comment kiros or I don't make me self clear. sorry about that.

I was telling don't use that kind of names on the cookies name field.
The Legend of that field said:
Enter the account-counting cookie's name. Be sure to not use the forum's cookie prefix or 'bb' in this name.

albumid
A) Don't have a custom vbull cookie prefix, or
B) is bbalbumid
C) albumid name wasn't listed on the browser Site cookie so I think was available.

But that name make a mess on Members Albums using Firefox.

Was only and useful advice about what can happen to avoid other happen the same thing. :(

Ah, sorry. Though in English, you literally told everyone to not use the feature. The feature works just fine. If you name it to something that messes up a site feature, then that cookie is already being used somehow. That means that it's being leeched off of vBulletin in someway. In that case, just don't use it. I recommend something like "_agent" or "_type" (without quotes) or anything similar, as this wouldn't be seen as anything that would track logins/registrations.

Edward, just enable Silent Mode and you should be good to go. It won't matter what Prevention Method you use - as long as it's activated. Same thing with the Login Detection, but that currently only has two options anyway.

Right, so just make sure Silent Mode is enabled, as well as both the Login Detection and an active Prevention Method. It should then just report everything to you rather than taking automated actions.ahhh..okay...thanks for the support info...

Voted For MOTM for January 2009!!!

;)

does it work on 3.6.x?

In theory, it should. I haven't heard anyone complain. I'll be doing some official testing on vBulletin 3.5 through 3.8 within the next few days.

Just to let you all know, I'm working on the next major version, which will include some new methods for the Login Detection (much like Registration Prevention), IP address detection for logins, administrator protection, a settings diagnostic tool, some recommendations on how to get the best out of this modification, and anything else I can fit in.

I will also do further testing with different vBulletin versions. Though as of right now, this seems to work just fine on versions 3.6, 3.7, and 3.8.

Please let me know about bugs or requests as soon as possible so I can fix up the next version to be purely awesome.

Right now when I use post the report via new thread it creates a new thread under a super admins account...which increases his post count. Is there a way to change the username?

Could you please enable Verbose Mode, then copy and paste the report here? If you want to censor out the usernames, please just rename them separately (i.e. SomeGuy1, SomeGuy2, etc.) so I can tell if it's identifying reporting incorrectly. You can also censor your Cookie Name if you'd like.

ok i enable d the verbose and everything looks fine so far.and now its giving the right info when 2 users login with the same ip.so far so good,thnx:D

Right now when I use post the report via new thread it creates a new thread under a super admins account...which increases his post count. Is there a way to change the username?

Sure thing. If you want to change the reporter to be a different user, go to the reporting options, and change the "Multiple Account Reporter" to the ID number of the user that you want to report everything. If you want to keep the user but just change the username, then you can always edit the user's username within your AdminCP.

ok i enable d the verbose and everything looks fine so far.and now its giving the right info when 2 users login with the same ip.so far so good,thnx:D

Oh, that's good to hear! :) There shouldn't be any difference in the detection method whether verbose mode is on or not, so maybe the issue was just a fluke.

I've just encountered this for the first time. I have a listing of two users possibly being the same but the last three IP numbers are different: XX.XXX.XXX.230 vs XX.XXX.XXX.132. Is this plugin foolproof or can it make a mistake in detection?

Hmm... That hasn't happened to me.

Do you have access to phpMyAdmin?

Hmm... That hasn't happened to me.

Do you have access to phpMyAdmin?

I do, yes.

Alright. I have just reread your post and I'm actually wondering exactly what you meant. Did you mean that there was a detection of matching IP addresses, but the IP addresses didn't actually match? If so, prep and run this SQL:


SELECT userid
FROM %table_prefix%user
WHERE ipaddress = '%problem_ip%'


Be sure to replace the %table_prefix% with the table prefix (like 'vb_' or 'vbulletin_' or something else) that your database uses for vBulletin. Replace %problem_ip% with the IP address that was reported as the matching IP address.

After you run it, you should get 2 results if it's actually working properly.

If you meant that you wanted it to catch the incident, but it didn't, then there's not much that I can do for that. The entire IP address of everyone is checked because there can be hundreds of people that have a matching first three numbers (i.e. 124.78.20.100 could be the same person as 124.78.20.201, but it could also be someone else entirely). Checking only the first three numbers would make for a lot of false positives over the years.

hi I've had this on my forum for a few weeks now and it just detected 3 users 2 of them r banned but it seems it didn't ban or send to the specific user group but the prob is this user was registered before i installed this and this must have been the first time hes logged in since so dose this send to specific user group or ban them if they were all ready registered

Maybe I'm misunderstanding, but if the users were already registered, then it wouldn't ban them to begin with. Only the Registration Prevention moves to a specific Usergroup, which is normally the Prevention Usergroup, but if Banned Account Check is enabled and you have the Primary Banned Usergroup set correctly, they will be banned and moved to the Primary Banned Usergroup.

It will not reban someone if they simply login - that feature may appear in version 2.0.

wow. looks great.
I wish I saw this earlier. will definitely try it out.

Ladies and gentlemen, I'd like to give a small update on the progress of the next version.

Instead of having a decent amount of improvement (making it version 1.2.0), this next release will be a massive upgrade to version 2.0.0. Along with the other features that I previously noted, it will also carry database features, which offer even more flexibility and functionality.

I am currently finishing up a prototype for one of the login plugins. After I have finished the code and done sufficient testing, I'll reproduce the methods for the other plugins.

Basically, this means that I'm about a week (give or take a day) from releasing this major update.

Thanks, everyone, for your suggestions, requests, and support :)

Ladies and gentlemen, I'd like to give a small update on the progress of the next version.

Instead of having a decent amount of improvement (making it version 1.2.0), this next release will be a massive upgrade to version 2.0.0. Along with the other features that I previously noted, it will also carry database features, which offer even more flexibility and functionality.

I am currently finishing up a prototype for one of the login plugins. After I have finished the code and done sufficient testing, I'll reproduce the methods for the other plugins.

Basically, this means that I'm about a week (give or take a day) from releasing this major update.

Thanks, everyone, for your suggestions, requests, and support :)


cool! sounds great... guess I'll wait till the update. (give me time to do my own updates to forum first).

that said, quick question: do you know if it will be 3.8 Gold compatible?

Nice Modification Good Job :)

cool! sounds great... guess I'll wait till the update. (give me time to do my own updates to forum first).

that said, quick question: do you know if it will be 3.8 Gold compatible?

I don't see why not. It seems to have some issues on vBulletin 3.6.x when it tries to reban a user, but other than that, it's fine with 3.6 and above. I plan on doing initial testing on the three latest major releases (3.6.x, 3.7.x, and 3.8.x) before the new version is released. If I finish everything early, I'll be doing extensive testing before it's released - otherwise, such testing will take place afterward.

Nice Modification Good Job :)

Thanks :)

Great. Thanks a ton for the work on this mod. Just to be clear, it does work with 3.6 right now other than re-banning an account? All I plan on using it for is reporting of a users multiple account anyway..that works OK right?

Thanks a ton again,
Curt

From how I've tested it, yes, it works fine. Just have the Banned Account Check disabled and you should be good to go. If any unknown issue arises, let me know and I'll track it down.

Hi Kiros72, I'm receiving this error when a user see's the "Your registration is now complete" page.

Warning: strpos() [function.strpos]: Empty delimiter in [path]/madp/prevention.php on line 145

Warning: Cannot modify header information - headers already sent by (output started at [path]/includes/class_core.php:3242) in [path]/madp/prevention.php on line 277



And yes, the folder is in the correct position (I'm not new to this :p)

Alright, I think I see what happened.

Upload this to overwrite the prevention.php file in the /madp/ directory. Let me know if it works.

[[ prevention.php was removed because the fix is now in the product ]]

That did it! Bravo dude, include that in your next release, works flawlessly.

Cheers

Will do. Since version 2.0.0 is still a good ways away, I'll release a bug-fix (version 1.1.1).

Thanks for pointing that out!

I just want to congratulate you on a job well done on this mod, i like it very much and its helped our site out no end :)

thanks

Version 1.1.1 has been released. It includes a simple fix to both the regular prevention method and the disallowing prevention method. RHWiRED, you should upgrade to this version as well because only your regular prevention method was patched.

Have a good one :)

Hi kiros, thx for the update, but i have a question. I uploaded everything to my forum root but as you know i have php 4, do i need to download prevention.php to skip the error:

Warning: strpos() [function.strpos]: Empty delimiter in [path]/madp/prevention.php on line 145

Or you already fixed that problem.

Second, does this mod works on VB 3.8.x?

Thank you
Jonas

Cool mod. I'm also wondering if this works on 3.8.

Yes, version 1.1.1 addresses that "empty" warning. It should be good to go. There is no need to download/upload the prevention.php that was mentioned earlier in this thread.

I believe version 1.1.1 works perfectly fine on vBulletin 3.8. I haven't tested all of the features on the new version of vBulletin, but I'm confident that it all should work.

Let me know if you run into any problems!

I tested it on VB 3.8 and it seems like your mod working perfect. Thank you very much for the great mod <3

Yeah, I installed it as well & it's working just great. Thanks!

Just a quick question although sorry if ive missed the answer previously.......

I have a few members who on aol have the same ip although different members how is this rectified etc

If you want to use the IP Address Prevention, then you can also make use of the Ignored ISPs field. By default, "aol.com" is already there. Basically, anyone's IP address that resolves to being from AOL will be ignored from the IP address checks.

You can add or remove ISPs in the Ignored ISPs section if you want, but I strongly recommend keeping "aol.com" in there.

Hey, everyone. I need to make a small announcement.

Due to some personal issues, I cannot work on this modification as much as I intended - at least for the next week or two. I was planning to have version 2.0.0 finished up within the next 3 or 4 days, but I'm going to have to postpone this.

Sorry about the inconvenience. Version 1.1.1 will still be supported.

I'm wondering if this will still work with the old cookies from the mods that inspired this? I've been using the AE detector + MAD but I'm having a few issues and have looked through this code and I don't detect any problems with the IDstack cookie not being compatible. Thought I'd ask though.

Also, small bug, although it won't matter anyway:

$pmdm->set_info('reciept', false);

... has a typo. It's set to 'false' so I guess it doesn't matter much. :)

Yes, this will work perfectly fine with the old cookie. Just make sure to keep the Cookie Name set to "IDstack" (without quotes).

Heh, I wouldn't really call that a bug since it doesn't affect anything. But thank you for finding that typo! I'll fix it up in the next version. :)

Sweet hack...! :up: :up: :up:

Hi,

I installed this mod yesterday, thank you!

The threads that are being generated that inform me of a detection aren't displaying any information.

93314

This is my settings.

Registration Prevention - Move to Specific Usergroup
Silent Mode - No
Ignore Child Accounts - Yes
Prevention Usergroup - 4
IP Address Prevention - Yes
Extended IP Address Prevention - Yes
IP Address Time Inclusion - 60
Banned Account Check - Yes

93315

I was using the AE Detector before and worked ok but I want something that will check new members against previously banned members.

Any help would be appreciated!

Thanks! :)

That's strange. I've encountered this before while I was in the beta stages of coding version 1.1.0. I can't exactly remember the exact cause of it, but I know that this can also happen because of phrasing errors.

Do you still have the AE Detector installed?
Do you have a good bit of modifications installed?
What version of vBulletin are you using?
Do you know if this only happens for logins or for registration preventions?

You might want to try fiddling with the reporting options. For instance, disable verbose mode and enable private message reporting (also set your username for the recipient).

i have had this installed since it was released and was working fine until today and now i having same issues as glennybee The threads that are being generated that inform me of a detection aren't displaying any information


glennybee;1722109]Hi,

I installed this mod yesterday, thank you!

The threads that are being generated that inform me of a detection aren't displaying any information.

Hmm... I'm sorry to hear that.

I know that version 1.1.0 is working fine on my vBulletin 3.8.0 RC 2 installation.

I'll look into version 1.1.1 a little later today. In the meantime, try to uninstall/reinstall or at least try it with verbose mode disabled.

I'm using v3.8. I suppose I do have a lot of mods but it's not extensive.

I did have AE Detector but I uninstalled it before installing this mod.

I disabled prevention and I am still getting blank reports and members are being moved to the moderated usergroup.

i found out what caused The threads that are being generated that inform me of a detection aren't displaying any information it was vb optimize i unistalled it and its working great again btw i running vb 3.8.0 :D

i'm running this just fine with vbOptimise on 3.8. maybe there's something in your vbOptimise settings that's killing it?

I see... If anyone with vB Optimise installed could do some investigation to figure out what settings make my modification function improperly, I'd truly appreciate it. If I can find out what is causing it, I may be able to make a workaround for those that desire certain options in vB Optimise.

i'm running this just fine with vbOptimise on 3.8. maybe there's something in your vbOptimise settings that's killing it?

Hmm... Well, vBulletin.org shows that you have version 1.1.0 installed, not version 1.1.1. Maybe that's the real difference? Would you mind upgrading to see if that causes any issues?

Running vb 3.8.0 and 1.1.1 of the mod...
Both the message and the post are blank with just underscores... Have turned registration check off. Just using it to check for multiple logins. Do have vb Optimise , but not sure why that should be a trigger.

Evidently it's causing some kind of problem. See if disabling vB Optimise remedies the issue.

disabling doesnt work only unistalling vb optimise allows your mod to then work perfectly

Evidently it's causing some kind of problem. See if disabling vB Optimise remedies the issue.

Disabling vb Optimise does appear to work. VbO is quite helpful otherwise, so maybe we can figure out a way to get it to work?

While the PMs are going ok, the messages are not getting posted to the forum. Not sure why one should work and not the other?

The reporting forum is a subforum inside a parent forum that is visible only to mods/admins. the "reporting user" is a admin.

ndahiya

Downloaded and installed, thanks for sharing this hack :D

Okay, thanks for your input, guys. I'll talk to the author to see if there's a clear cause.

Sorry. I haven't received a response from the author of vB Optimise. I'll start looking into it myself. Until a solution is found, either keep vB Optimise disabled or disable reporting via new threads.

hey kiros,

sorry for the lag....i haven't upgraded to 1.1.1 but i'm noticing that on 1.1.0, it's sporadically posting blanks (or underscores, as the case may be). sometimes, however, it's working perfectly fine. disabling vboptimise seems to fix it but i'd honestly rather have this working partially with vbOptimise than disabling it entirely. :p

Hi there

I have a few members moved to prevention group but I got no notification about them. I just found them in the prevention group. What are these members? Why I'm not getting a pm about these member?

Note that I'm getting notifications about multiple registrants and these users are getting moved to the prevention group without problems.

help me
after installing the mod it seem user can't login and appear "
Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home2/lintasca/public_html/forum/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home2/lintasca/public_html/forum/includes/functions_login.php(185) : eval()'d code on line 3"

help me
after installing the mod it seem user can't login and appear "
Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home2/lintasca/public_html/forum/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home2/lintasca/public_html/forum/includes/functions_login.php(185) : eval()'d code on line 3"

i had the same problem, until i realized my ftp software did not upload "detection.php"

i was having a freak out session when i could not login to the admincp!

make sure you uploaded the contents of the 'upload' folder to your forum's root.
(If your forum's location is http://www.example.com/forums/, the root is /forums/)

hey kiros,

sorry for the lag....i haven't upgraded to 1.1.1 but i'm noticing that on 1.1.0, it's sporadically posting blanks (or underscores, as the case may be). sometimes, however, it's working perfectly fine. disabling vboptimise seems to fix it but i'd honestly rather have this working partially with vbOptimise than disabling it entirely. :p

I know, I know. I'm sorry about this. I've contacted the author of vB Optimise and he/she was absolutely no help. Not even a response... I actually haven't had any time to look into vB Optimise's code because I JUST got my computer running again; there was a major hard disk failure.

Hi there

I have a few members moved to prevention group but I got no notification about them. I just found them in the prevention group. What are these members? Why I'm not getting a pm about these member?

Note that I'm getting notifications about multiple registrants and these users are getting moved to the prevention group without problems.

I've never had that happen to me. Is it possible that a setting was configured incorrectly for a small amount of time - allowing prevention to be carried out but not allowing reports to be made? Is this still happening?

help me
after installing the mod it seem user can't login and appear "
Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3

Fatal error: require_once() [function.require]: Failed opening required '/home2/lintasca/public_html/forum/madp/detection.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home2/lintasca/public_html/forum/includes/functions_login.php(185) : eval()'d code on line 3"

It looks like the files weren't uploaded correctly. Make sure you have the /madp/ directory and all of it's contents uploaded to your forum root.

i had the same problem, until i realized my ftp software did not upload "detection.php"

i was having a freak out session when i could not login to the admincp!

Thanks for addressing their issue :)

For future reference, if anyone is stuck and cannot login, add this line near the top of the /includes/config.php file: define('DISABLE_HOOKS', true);

This will disable all of your plugins (including MADP).

Would it be an idea to add MAC address detection on registration?

Can this be combined with proxy blocking functionality?
DNSBL, RBL - Open Proxy monitoring/blocking (https://vborg.vbsupport.ru/showthread.php?t=201541)
Check Proxy RBL on New User Registration. (https://vborg.vbsupport.ru/showthread.php?t=131852)

Would it be an idea to add MAC address detection on registration?

If you can tell me how I would do that, then sure. I don't really think it's possible. But, if you can find a way and know that it can be incorporated into a modification, I'll definitely look into it.

Can this be combined with proxy blocking functionality?
DNSBL, RBL - Open Proxy monitoring/blocking (https://vborg.vbsupport.ru/showthread.php?t=201541)
Check Proxy RBL on New User Registration. (https://vborg.vbsupport.ru/showthread.php?t=131852)

Those modifications are independent of this one, so they should work just fine together.

please update to 3.8x..please

I believe it works with 3.8.0 just fine. I haven't heard any complaints yet.

really. let me try to install it.

good.....but i think is not work with 3.80. i installed it because so many user register with proxy ip. and when i installed it. i did not see any report to the forum or private messenger. why?

As long as the reporting options are set correctly, you should see postings and messages. The only conflict that I know of right now is when vB Optimise is installed.

Multiple Account Reporter setting
User ID of the account that will report multiple accounts.

should i keep the setting 1 or the admin user id? but my user id is ku666666. not the number 1

and Recipients of Private Messages
Enter the usernames of the users that private messages should be sent to. Separate with semicolons.

is that enter my admin user name?

i try to register two user account with the same notebook computers. but they allow me to register. and no report. is that not really work with 3.80

i try to register two user account with the same notebook computers. but they allow me to register. and no report. is that not really work with 3.80

needs to be same browser too , without cookies getting deleted

something maybe setting wrong. the proxy ip still can register more and more user. anyone can help it..i hate those crazy peoples. one ip register 51 user and then post ad in my forum.

Multiple Account Reporter setting
User ID of the account that will report multiple accounts.

should i keep the setting 1 or the admin user id? but my user id is ku666666. not the number 1

and Recipients of Private Messages
Enter the usernames of the users that private messages should be sent to. Separate with semicolons.

is that enter my admin user name?

i try to register two user account with the same notebook computers. but they allow me to register. and no report. is that not really work with 3.80

A "User ID" is not a username. You need to enter in the ID number. Whenever you view your profile, you can see your User ID in the address bar. Look for "u=XX" where XX will be some number.

For the private messaging recipients, that is where you put the usernames of those people that should get a private message. You must have the option enabled as well.

needs to be same browser too , without cookies getting deleted

Yes, thanks for the note! Yet I don't think that's the problem here.

something maybe setting wrong. the proxy ip still can register more and more user. anyone can help it..i hate those crazy peoples. one ip register 51 user and then post ad in my forum.

Yes, I believe that you are not getting the results that you want because you did not change the ignore settings. You're an administrator, and by default administrators are ignored. Make sure that all of your ignore fields are empty, and then try again.

thanks for help. 1 is my id number. i put on ignore users. Ignored Usergroups keep blank. also i enable IP Address Prevention Extended IP Address Prevention. i think all setting i fixed. let me see if any report tomrrow.

i really need it. but may really not work for 3.8 0...........sorry

I am not getting any reports.

ok i messed up big time.

i forgot to upload the files - i uploaded the product and turned it on. now i am not able to log in.

what do i do ... plz help.

i really need it. but may really not work for 3.8 0...........sorry

I'll ask a friend to test it on his vBulletin installation (3.8.1).

I am not getting any reports.

What are your reporting settings? What about your ignore settings?

ok i messed up big time.

i forgot to upload the files - i uploaded the product and turned it on. now i am not able to log in.

what do i do ... plz help.

Just upload the files to the proper place, and everything will work. The proper place is the forum root. Do not upload the "upload" folder, but do upload everything that is inside the "upload" folder to the forum root.

Thank you.

Would Love a 3.8 upgrade.

Alrighty, I checked with a friend that has vBulletin 3.8.1 installed. It works just like it should on vBulletin 3.8. ;)

Alrighty, I checked with a friend that has vBulletin 3.8.1 installed. It works just like it should on vBulletin 3.8. ;)

on my v.3.8.1 it makes the admincp and modcp blank. i have to disable it in order to be able to get to the admin panel again.

lemme edit this: i uninstalled and reinstalled and it's ok now.

on my v.3.8.1 it makes the admincp and modcp blank. i have to disable it in order to be able to get to the admin panel again.

Completely blank? Or do you mean that it won't let you login?

What other modifications do you have installed?

Hey what kind of information does Verbose Mode include?

Also I would love for the report to include the IP they accessed the account on, since I am finding it hard to link these 3 accounts together that the report showed. and so far I have not found any IP linking them together.

Verbose mode doesn't currently include the IP address information, but I'll include it in my next release. If you cannot find a match of the member's IP addresses, then it's likely that they're either using proxy servers or they have a dynamic IP address. In this case, all of their IP addresses would be different anyway. If they were caught by cookie, then you know that they're using the same computer.

I am not sure if this is a bug, but I noticed when searching for IPs my username is showing up on many of the accounts. and I am linking that IP back to the post that was made by this hack.

Yes, that's somewhat of a bug I guess. I had to modify the method a while back so the IP checks don't catch that false positive. I'll see what I can do about that in my next release. Thanks for bringing that up.

Did not prevent multiple registrations, and did not report the multiple account log in.

Update...
Im checking again, because it seems to work fine with certain browsers, but not with others (Chrome)

Really? I tested it with Google Chrome before and it worked just fine.

Have you tried testing it on other computers? You may have Chrome/IE cookie settings restricted.

Anyway to get this to work with vbulletin 3.81? Willing to pay $$ :)

Anyway to get this to work with vbulletin 3.81? Willing to pay $$ :)

i guess i could install it for you, but how much is it worth to simply install it since it works fine on my v3.8.1 system stock? ;)

It works fine on vBulletin 3.8.1. I'll help you install it if you'd like. PM me for further help.

any ideea what this is ... i get them on 2 forums on 3.7.4.

any ideea what this is ... i get them on 2 forums on 3.7.4.

Do you have vB Optimise installed? Because something seems to clash with the two modifications.

i have vb optimise installed...I will disable it and update you on the situation.

i have vb optimise installed...I will disable it and update you on the situation.

Also, if you're feeling daring, you might want to try to use the PM reporting. I heard from someone in this thread that the PM reporting still functioned properly while vB Optimise was enabled.

Hi ... :)

I'm currently running "Multiple account login detector (AE Detector)" on my v3.67pl1 site for last two years. Seems to work fine except AOL proxies always light it up like a christmas tree. :D

Could I un-install the above and move to this, or is my version of vBulletin too old, like me .. ;)

Thanks for any feedback.... :up:

Regards,
Badger

I have tested an earlier version of this modification with vBulletin 3.6.0 and it worked just fine. In theory, this latest version should work perfectly fine with any vBulletin version from 3.6 to 3.8.

If you have any problems, I can help you out. Also, if you install this modification and then chose to uninstall it, the IDstack cookies will remain intact, so you'll be able to switch back to the AE detector if you'd like. The only way that the cookies will lose their tracking information is if you do a cookie reset with my modification, but there's no real reason to use that nowadays.

I have tested an earlier version of this modification with vBulletin 3.6.0 and it worked just fine. In theory, this latest version should work perfectly fine with any vBulletin version from 3.6 to 3.8.

If you have any problems, I can help you out. Also, if you install this modification and then chose to uninstall it, the IDstack cookies will remain intact, so you'll be able to switch back to the AE detector if you'd like. The only way that the cookies will lose their tracking information is if you do a cookie reset with my modification, but there's no real reason to use that nowadays.

Thank you ... :up:

Appreciate your feedback and offer to help very much..... :)

I will install it and see what happens. I guess I bette un-install my current "Multiple account login detector (AE Detector)" first.

Regards,
Badger

A follow up.... :)

Un-installed my current "Multiple account login detector (AE Detector)"

Installed v1.1.1 of your mod on v3.67pl1 and it went smoothly....

Checked options and decided to turn "Silent Mode" ON for now, until I understand how the mod works better. So, I'll just read reports for a bit before turning if OFF.... :D

BTW, you have some of the most thorough and well documented instructions, plus on-line "?" help by field assistance I've ever seen in any mod. Thank you for that. :up:

I already have over 6,000 members and we get about 1,100 logging in every 24 hours. Because we are a "collectors" oriented web site, we get a lot of father, son, wife type members with different user names, yet they all use the SAME computer, so at this point I'm trying to be safe than sorry and not screw up their access. I guess I need to go through the members list and find those folks, adding them to the "ignored users" list by individual ID?

Finally, I left the following OFF because that was your default setting, plus I'm not sure I fully understand the impact of turning them ON yet, but I'll work on that... :D

IP Address Prevention
Whether or not to check for matching registration IP addresses for new registrants if no cookie is found. Yes No

Extended IP Address Prevention
Whether or not to check for matching IP addresses even after cookie information is found and used.

Looks like a great mod... appreciate your efforts ... :up:

I hope it works well with my v3,67pl1 as I have far too much customization to upgrade at this point.

Regards,
Doug (Badger)

A follow up.... :)

Un-installed my current "Multiple account login detector (AE Detector)"

Installed v1.1.1 of your mod on v3.67pl1 and it went smoothly....

Checked options and decided to turn "Silent Mode" ON for now, until I understand how the mod works better. So, I'll just read reports for a bit before turning if OFF.... :D

BTW, you have some of the most thorough and well documented instructions, plus on-line "?" help by field assistance I've ever seen in any mod. Thank you for that. :up:

I already have over 6,000 members and we get about 1,100 logging in every 24 hours. Because we are a "collectors" oriented web site, we get a lot of father, son, wife type members with different user names, yet they all use the SAME computer, so at this point I'm trying to be safe than sorry and not screw up their access. I guess I need to go through the members list and find those folks, adding them to the "ignored users" list by individual ID?

Finally, I left the following OFF because that was your default setting, plus I'm not sure I fully understand the impact of turning them ON yet, but I'll work on that... :D



Looks like a great mod... appreciate your efforts ... :up:

I hope it works well with my v3,67pl1 as I have far too much customization to upgrade at this point.

Regards,
Doug (Badger)

Thank you for the complements :)

I would like to point out that if you have "Silent Mode" enabled, you will not get any reports. That's what is silent about it. If you want to get these reports of multiple accounts, turn "Silent Mode" off.

Since your site has numerous families in the community, I suggest creating some Usergroup ("Family Members") and adding this group to known family members as a Secondary Usergroup. Then you can add this Usergroup ID to the ignore list.

In a nutshell, there are IP address options because some members may clear their cookies or use a different browser in order to register another account. Without the IP address checks, a user could get away with this, but with the checks, they have far less of a chance unless they go weeks without logging in or have a very dynamic IP address.

Good luck, and please let me know if my modification works well on your vBulletin 3.6.7 PL1 board ;)

Edit:

My bad. "Silent Mode" will only send reports rather than taking action. Thank you for bringing that up in an email :)

Ok it seems to be working now.. at least part.
It detects and post the multiple log in's, but it does not place the new created accounts in the specified usergroup.

This are my settings...

* Move to Specific Usergroup
* Silent Mode Off
* Prevention Usergroup 42 (dupped acc group)

Am I missing something?

Installed and it works great.... Excellent!

Ok it seems to be working now.. at least part.
It detects and post the multiple log in's, but it does not place the new created accounts in the specified usergroup.

This are my settings...

* Move to Specific Usergroup
* Silent Mode Off
* Prevention Usergroup 42 (dupped acc group)

Am I missing something?

Please turn on verbose mode and post one of the prevention reports here along with your vBulletin version.

this two had an acc and just opened a new one.

vBulletin 3.7.3 Patch Level 1

[ :: Verbose Information :: ]

[ Cookie Information ]

Cookie Used: IDstack
Raw Data: ,44465,
Clean Data: 44465

[ Capture Information ]

Caught by: Cookie

[ Verbose Messages ]

[ Dev Information ]

Verbose Message Bitfields: 0

[ :: Verbose Information :: ]

[ Cookie Information ]

Cookie Used: IDstack
Raw Data: ,20560,
Clean Data: 20560

[ Capture Information ]

Caught by: Cookie

[ Verbose Messages ]

[ Dev Information ]

Verbose Message Bitfields: 0

Alright, now were those login detections or were they registration preventions?

Login detections are just detections at the moment. Only registration prevention will actually do something about it.

By the way, I'm not sure if you're suggesting that the two detections above are related, but it looks like they are totally different.

Exactly... the system detected the log in of two different users (not related to each other) using multiple accounts

But the thing is that it did not prevented them to open two accounts, sending the new account to the dupe acc group.

In other words, the detection part, is working, but I cant make the prevention part to work.

Exactly... the system detected the log in of two different users (not related to each other) using multiple accounts

But the thing is that it did not prevented them to open two accounts, sending the new account to the dupe acc group.

In other words, the detection part, is working, but I cant make the prevention part to work.

I don't believe that this is the case, but I can test it for you. Please give me your forum's web address.

will this work with 3.6?

Yes, it should work just fine with vBulletin 3.6 and 3.7 and 3.8 installations.

Excellent mod. It would probably take me a day or to fully figure out what all the option so so can I get a little summary of what it does for what i need.

Lets say, there is a user who is banned but then gets another IP address and tries to register a new account, will this mod be able to stop him?

Yes,
work fine with vBulletin 3.8.1

thank you

For some reason the server load went from a measly 0.88 to 2.52 while the mod was enabled. Does to do any scans or anything?

I don't believe that this is the case, but I can test it for you. Please give me your forum's web address.

Sent by PM

For some reason the server load went from a measly 0.88 to 2.52 while the mod was enabled. Does to do any scans or anything?

Is it checking IP's?

Excellent mod. It would probably take me a day or to fully figure out what all the option so so can I get a little summary of what it does for what i need.

Lets say, there is a user who is banned but then gets another IP address and tries to register a new account, will this mod be able to stop him?

Since the primary method of tracking is through cookie, the person will still be caught if they use the same browser and don't touch their cookies. The IP address checks are meant for a backup (in case a user clears their cookies). Some cases cannot be helped, but with the cookie and IP address checks, most of them people will be caught (even if they don't think that they will be).

Yes,
work fine with vBulletin 3.8.1

thank you

Awesome :)

For some reason the server load went from a measly 0.88 to 2.52 while the mod was enabled. Does to do any scans or anything?

If you have a high volume of registrations each day, and you have IP address checks enabled, this could definitely raise the average server load. Also, enabling verbose mode for the reports will also raise the server load.

Last but not least, reporting through thread uses more queries than reporting through PM, so you might want to switch to the PM method and drop the thread reporting.

Sent by PM



Is it checking IP's?

Gracias :)

Well the Plug in its working.
And I really want to thank you for all your help.

Regards...

Not a problem. I'll update the known issues to include this newly found complication.

Ciao

thanks installed

Hi all, great mod, congrats to Kiros and all coders who contributed to this.

I have a slight problem with the mod. Although it works fine, I never get any PMs when multiple registrants are trying to register; they are only trasnfered to the proper usergroup.

My settings are correct, I have set the mod as follows:

Registration Prevention: Move to Usergroup, Except Banned Users
Silent Mode: No
Ignore Child Accounts: No
IP Address Prevention: Yes
Extended IP Address Prevention: Yes

Multiple Account Reporter: 1 (admin)
Report by Private Message: Yes
Recipients of Private Messages: 1;otheruserid;otheruserid
Report by New Thread: No
Verbose Mode: Yes

I run it on vb 3.8.1 PL1. Why don't I get any PMs?
Any help will be appreciated. Thanx in advance!

P.S. Before that I used the two separate mods that were combined to make this one, and there was no problem with the PMs.

The PM reporting is a little different than everything else. You should use the actual usernames (not User ID numbers) when setting the recipients and separate each username with a semicolon.

Thanks Kiros, that did it!

is there a way to run a scan for all registered users to match up duplicate ip's and have it auto-ban the 2nd+ account associated with the same ip as the first account?

To be honest, I don't think there is a way to run a scan. But, AFAIK, when a user logs in with an alt, it'll detect it. So say User A and User B are the same person. User B hasn't logged in since you installed the mod. User A logs in all the time. During an argument, User B logs in to back up User A, then it should automatically detect it and let you know. AFAIK, it won't automatically ban/move that user into any group.

This is just from my experience with the mod.

*Feature Request *

Can there be a feature added that notifies new registrants who are moved into a "awaiting moderation" usergroup via PM why they were moved.

Basically, just when someone is moved into the "awaiting moderation" usergroup, it sends him/her a PM explaining why, and instructing the user to PM the Administrator with an explanation.

is there a way to run a scan for all registered users to match up duplicate ip's and have it auto-ban the 2nd+ account associated with the same ip as the first account?

Unfortunately, no. Besides that, such a feature would cause horrible mayhem on larger forums. Many people will have the same IP address when they register because some ISPs (AOL for instance) use proxies.

I might develop something like this to use a time inclusion setting, but I'd need to do some research and figure out how to not lock up the database tables during such scans. So I'm afraid we won't be seeing anything of the sort for quite some time =/

*Feature Request *

Can there be a feature added that notifies new registrants who are moved into a "awaiting moderation" usergroup via PM why they were moved.

Basically, just when someone is moved into the "awaiting moderation" usergroup, it sends him/her a PM explaining why, and instructing the user to PM the Administrator with an explanation.

Hmmm, well what I did when I was a webmaster, I set vBulletin to put up a notice for a specific Usergroup informing them that their account was disabled because it was recognized as a multiple account. This is why it's good to have MADP send users to the moderated Usergroup instead of the "Awaiting Activation" Usergroup.

So if you put a notice up for the Usergroup, then they'll be notified every time they're logged in and on every page.

Does that help at all? :)

Does that help at all? :)

I'm sorry, but your use of common sense is disturbing... :)

Could do with a bit of advice / help here if you can please.

If we have someone joinup and we delete there account [for not meeting our requirments] and that user signs back up with the same username [wether it be straght away or months after] the mod is flaging that user as a Multiple Account ?

Also i should point out that when searching for any members Ip in ACP the search results are showing Super Admin , Admins, mods and registered users all having the same ip as the user that was searched for, this doesnt happen on every search result its intermitent at the minute, ovbiously this is a error and needs to be addressed thing is ime not sure if its to do with this mod or not but weve only just noticed it happening so i dont how long it actualy been like this.

Any help with the above issues would be great.


Here is a Example:

Multiple login detected from "Username".

Other recognized logins for this user are:

[ :: Verbose Information :: ]

[ Cookie Information ]

Cookie Used: IDstack
Raw Data: ,"previous Id",
Clean Data: "previous Id"
[ Capture Information ]

Caught by: Cookie

[ Verbose Messages ]

- The number of recognized users is different from the amount of ID numbers found in the account-counting cookie.

[ Dev Information ]

Verbose Message Bitfields: 1

thanks Mark

Yes, I came across that issue (the first one) just recently as well. I think that it might be time for a small update to version 1.1.2.

The IP address issue might be caused by the user that you have set to post/send reports. That's also something that I was planning on fixing for 2.0.0, but since more than one improvement can be made in short order, I'll probably release version 1.1.2 sometime soon.

1.1.2 won't fix the past IP address matches, but it will keep it from happening again.

Yes, I came across that issue (the first one) just recently as well. I think that it might be time for a small update to version 1.1.2.

The IP address issue might be caused by the user that you have set to post/send reports. That's also something that I was planning on fixing for 2.0.0, but since more than one improvement can be made in short order, I'll probably release version 1.1.2 sometime soon.

1.1.2 won't fix the past IP address matches, but it will keep it from happening again.Funny you should say this as we have all the reporting coming from the S-Admin account which is also one of the accouts that is mainly showing up in the Ip search results problem :(

Question: Is there any sql cmds or something that we could do to clear/ reset all the ip's ready for the 1.1.2 fix so we can get the search back to normal again ?
because how it is at the minute its very hard to distinguish between members who have genuine accounts and who have multiple accounts as we could be repremanding members who are showing to have multiple accounts through ip search.

thanks for your help Mark

Perhaps disable the IP checking part of the mod until then? Rely on cookies? Not as effective, I know, but a temporary solution.

I don't think a simple sql command could fix that, but maybe kiros can come up with something because I too would like to restore my username showing up on all the multiple accounts.

Hmm. I think that this issue might be solved by deleting (physically removing) all of the reports that were sent by the reporter. I haven't yet tried this, so if someone is willing to, please let me know how it goes.

You could use SQL to find all the posts made by the reporting account whose title matches the reporting message (wildcarded) and then change the IP address of those posts.

SELECT * FROM `post` WHERE `userid` = 1 AND (`title` LIKE 'Multiple Registrant%' OR `title` LIKE 'Multiple Login%');I suggest that IP address for reporting should be 0.0.0.0 to avoid confusion.

The following SQL query should reset the IP Address to 0.0.0.0 and assumes that the userid that you are using to make the reports is 1

UPDATE `post` SET `ipaddress`='0.0.0.0' WHERE `userid` = 1 AND (`title` LIKE 'Multiple Registrant%' OR `title` LIKE 'Multiple Login%');You could refine this further by selecting posts that were made in a particular forum.

To fix the plugin so that it reports multiple logins or registrations from the same account from a NULL IP address ("0.0.0.0"), open detection.php and insert the following code at line 280


$threaddm->do_set('ipaddress', "0.0.0.0");
before


$threaddm->save();
unset($threaddm);

Great thinking, MindStar. However, everyone please remember to use the actual User ID that you have the reporter set to if it's different than 1.

I'll be releasing version 1.1.2 with fixes to both the detection and registration soon.

Okay, the new version has been uploaded.

Thanks for your patience, everyone.

Great thinking, MindStar. However, everyone please remember to use the actual User ID that you have the reporter set to if it's different than 1.

No problem, glad to be able to give something back. Your Add-on has proved invaluable for keeping the trouble-makers at bay on my forum :)

does this new update contain the fix that mindstar posted?

Thanks for the update :)
Keep up the good work.

Much Apprciated For Update Kiros :up:

Thanks for the update.

Kind regards :)

ello kiros, am havng fatal error after the update.

Tried to test using two login dummy account, Fatal Error shows up after pressing the login. On second attempt it didn't showed up and login properly and didn't detected/created an alarm as well.

Fatal error: Cannot pass parameter 2 by reference in /home/mydomain/publichtml/boards/madp/detection.php on line 279

Okay, thanks Mark. I think I know what's causing it.

The fix should be up in a minute.

does this new update contain the fix that mindstar posted?

The latest version contains a fix that is very much like what Mindstar posted. It fixes the issue that his post addresses.

Unfortunately, I don't have a diagnostics system for the AdminCP setup yet, so I cannot include his suggested SQL anywhere in the modification. So I'm afraid that system administrators will have to run that query at their own risk.

Anyway, version 1.1.3 is out now and it fixes the issue that Mark brought up.

The latest version contains a fix that is very much like what Mindstar posted. It fixes the issue that his post addresses.

My bad. in $threaddm->do_set(<PARAM>, <VAL>) <VAL> is passed by reference so you have to pass the value in a variable :o

your mod is working perfect on 3.8.2.

BTW, thx one more time for the great work :)