|
Multiple account login detector (AE Detector)
If you are like me and migrated from .threads, a common modification was an "AE detector", a simple mod that saved a cookie of a history of ids logged into on your site. If someone logged into more than one account, you got a PM letting you know that your site was being accessed from multiple accounts.
Over the years this was very helpful in identifying users who were posting under multiple accounts (alter-egos!) and users who would return after being banned. You might be wondering why I don't use the vbcookie call - well, thats because on logout all vB cookies are cleared, so we need to store a cookie that is not effected by the login/logout process. New Installation 1. Add New Product with attached XML 2. Go to vBulletin Options -> AE Multiple Login Detection Settings and set your specific settings. Time to install: Easy - 2 minutes. Upgrade If you installed this as a Plug-in manually, you can delete that plugin and install this Product, just make sure to go into the Options and set them accordingly. I hope you find this useful and will click INSTALL if you use it; should it prove useful to enough people I can look at making this installation more automated without the need for edits and an Admin Options page. To upgrade you will want to reimport this XML file and edit your options accordingly. 1.0.3 ----- . Added a check to ensure that users weren't deleted when reporting violations . added htmlspecialchars_uni call to username Note: I am unable to get the call to construct_phrase with $vbphrase['multiplelogin_alert'] to work reliably, as such the $message variable is still set manually inside the plug-in and not via the phrase. If anyone has an idea of why this might not always work, I'm all ears. 1.0.2 ----- . Updated to include exclusion groups, users . Changed so PM is sent by ae sender id 1.0.1 ----- . Released as a Product (thank you PHPGeek2k3 for your help) . Added option to post to a forum versus send a PM (or both) . All settings moved into Admin Option 1.0.0 ----- Initial release. |
Text file, please? ;)
|
oo first install thanks...
Lets see what ive broken now :) Cheers for this |
Okay, text file attached with the change which makes the usernames clickable profiles (you'll need to modify the URL to the member.php).
|
I like this a lot. Thanks for your work so far on this. A couple things I'd like to see added though...
1. An option to enter particular user ID's by number that are NOT subject to the check. 2. An option to choose to receive the notices either by PM or e-mail. In our case, we'd prefer e-mail. |
Wow thanks!
|
Quote:
|
Quote:
yes that is correct |
Actually, it's usernames if I understand the vB system (I use the usernames). Userids would be nicer, but I believe the PM system is expecting usernames.
The admin variable is expecting a userid, though. |
Quote:
|
Works nice. Thank you MPDev!
|
Installed! Can't wait to see it work :)
Anything I can do to keep the troublemakers from doing what they do best is good by me! Thanks !! |
Just tested it as I have two accounts, one admin, one for posting and it didn't trigger.
Can anyone confirm that this is working? I'd love it to because there are a few people on my site I would like to BUST. FYI, I am using Firefox 1.0.7 |
Installed :D I got a few PMs already
"A seems to have multiple personalities using B and A sharing the same computer. No soup for you! and you! and you!" "C seems to have multiple personalities using A and C sharing the same computer. No soup for you! and you! and you!" I know A, B and C are 3 different ppls and live in 3 different places. According to these 2 PMs, I suppose A shares his account to B & C :disappointed: Am I right? May I ask if member use one browser (Opera) to login A account, and another browser (FF) to login B account; can this mod detect the activity? |
Quote:
|
Quote:
Quote:
Quote:
|
Quote:
Again, this mod is working. Thanks :devious: |
wow! great hack! but wouldnt it be better to write that logins to a logfile? if there ever was a meaning in the word "logfile", then might be this? ;)
i got some x-thousand users, some have mod-/useraccounts. dont want to explode by pm-box... :( and (if thats not already in there) its very important to see the real username. otherwise it isnt much confortable to find out, if theres a troll in between... |
Oh yeah, you reminds me about that. PMs keep coming and coming fast :D
|
One senario I encountered was that you cannot send a PM to yourself; i.e. if you trip the detector with the account you are sending your alerts to, the PM will not get sent. And since you only get one PM per addition of new accounts, you won't see subsequent logins on those two accounts.
If you didn't catch that - you only get one PM per violation - meaning if A and B login on the same computer you only get one notice until that computer registers a C login. |
Please Help me, Forgotten to me to add the direction and now it does not let to me enter the Admincp and I cannot do nothing!
Mesage: Mensaje de vBulletin No se pudo agregar las cookies, los encabezados ya han sido enviados. |
I have the same prblem and now I can not login by my selfe to disable the Plugin :(
|
Quote:
Edit your config.php and insert this Code:
define('DISABLE_HOOKS', 1);GreeTz Snatch |
what does this means ?
line 47: set the list of recipients usernames ('mod1;mod2;mod3;mod4') GreeTz Snatch |
Quote:
|
With some help from PHPGeek2k3, I've converted this into a product to be installed. Options are in Admin Option for AE Detector.
|
nice :)
[high]* Iain M clicks install[/high] |
Edit...Never mind I guess I should have installed it first lmao.....Nice work!!
|
There is one problem. There are many public computers where people can log in like libraries, schools, universities, internet cafes etc. So I guess that each case should be carefully put in the picture.
|
Quote:
|
Unless your site is specific to a general region....Let's say erm a site for some city or something...I don't see that being too much of a problem.
|
MPDev: I've already installed it as a nice tool to know who may have multiple accounts :). But i'm not going to ban everyone who is reported to have x accounts without checking if it's true.
|
Quote:
simply fantastic!!! |
It's very nice. The only suggestion I have is to either make the thread starter match the PM sender or have a seperate option to choose a thread starter username. Currently threads are started by the trigger account.
A nice bonus would be to be able to exempt usernames (ie, so admins don't trigger the function logging into a test account and such). Still, VERY handy feature and I see no problems as of now (barring the ae_multiplelogins_thread template being uncached). :) |
I don't really understand what this hack is doing, if somebody logs in with a multiple account he get banned or I get only an information about that?
|
You just get information.
|
Thanks zelda and thanks MPDev for this cool hack.
|
Quote:
We have had problems in the past with people using "alter ego" accounts; this just gives us a chance to keep an eye out for them. Sure, some people share computers - family members, office workers, etc.; but since it uses cookies and not IP addresses, you can be sure that the people being reported are indeed using the same computer (just may not always be the same person). |
i can vouchg this works a treat...i had a PM today letting me know someone was using accounts maliciously....
|
If is added the last IP of each usename it can be usefull to find shared accounts. If the IPs are different and the time is aprox the same, probably two persons (with others usernames) are sharing a username that can have, for example, a premium account.
Showing IPs can be a usefull addition :) |
| All times are GMT. The time now is 05:57 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|