Paranoid dupe user buster when moderating
 

Hi.
I wrote this hack time ago to address my own needs to findout dupe users when they register.
Now I published it and hope could be useful to someone...

This hack, basically does this:
when there are new users to activate (Admin awaiting moderation, usergroup=4), the Admin can press the link 'Dupe matches grid' in AdminCP just below the user list. A new window will appear with the list of pending users followed by a complete list of possible duplicates (configurable max number, default 25 per user).

Note: you must have user moderation enabled, of course...

Each user is listed with userid, username, password, email, ipaddress, posts, lastlogin, etc..
The dupe matches are found analyzing
- similar usernames,
- similar emails,
- same passwords (I know it's md5 hashed, but... just in case...:) )
- similar ip address
- cross matching username and email account (without hostname)
Each possible match is evidenced in bold.

Affinities are found with a variation of levenshtein() and metaphone() php functions.
Tolerance are configurable and even is managed a correction needed on shortest words and or words containing number digits, which otherwise would raise a lot of false matches.
I put that config at the top of function, you can fine tune yourself, but max values like '1' aren't too bad and enough to find most common dupes ... Higher values could return too many false affirmatives.

Thanks to Dlst who sometime ago published something similar but involving only the username.

• Very very simple to apply.
• Involves only one php file. No templates.
• Manages almost all user characteristics.
• Visible only to admins (AdminCP).
• Leave the admin to decide what should do: delete, email, track, and so on...
• The hack, once installed, is itself facultative. You can decide to search dupes or not, and in case refresh the awaiting list on the main AdminCP page...

Screenshots are impossible as there should be a list of horizontal black lines covering user data for obvious privacy reasons ... :)
Just install it in one minute and give a look yourself

Let me know any problem (even I've been using for about three months...)
Bye.

ahh first reply to this nice hack..
This is somthing I have been looking for because we don't allow our users to register multiple accounts ...

I will try it out ASAP...

thx

JDD

How about a version that would let us view this for new registrations-- some boards don't have user moderation enabled but I'd like to see the data for new handles that register anyway. Thanks, nice use of the comparison functions.

ok just installed it.. and here are my comments on it:

• you use loginlog.php for resolving the IP. I don't have this function on my Board (don't know if it may be another Hack) I replaced loginlog.php with adminlog.php and now it works.
• I have 100+ users in moderation queue - when running the script i get a timeout error :
  Fatal error: Maximum execution time of 30 seconds exceeded in /admin/db_mysql.php on line 151
  
  seems that this script cannot handle this amount of users

another question I have is how the values are compared to eachother? The results it outputs don't seem to be that identically to me. It prints some lines in bold.. are these values ment to be nearly indentically?

JDD

@ Overgrow: well; one of the first step of the added action is to search for all users in group 4. Then it will compare each of them to all other users (including those in group 4, except the user itself... )
It should be easy to make this check complex, instead of m*(n-1) (m new members, n all users) something like n*(n-1).... But definetively I don't think php accessing mysql will accept such a high load and most probably you'll get a timeout error.

@ JDD:
- sorry for the mistake: loginlog.php comes from another my own hack and forgot to put that code into user.php. Hwr it simply calls the gethostbyaddr() php function against the given IP. ASAP I'll post the right code for that link.
- actually I think timeout problems couldn't be solved unless introducing a 'pagination' for the moderating members. I.e. for instance to select only 20-30 new users at once and then recycle. Till now I always completed my Admin homeworks day by day, so... :)
- in normalfont is printed the user under examination; in smallfont all the possible matches. Then in bold is highlighted the exact field which made positive the match.
Probably you could notice that on shortest words (or those with few alphabetics, the same for levensthein function...) you had many matches. I found that's is phisiologic for the php function's nature and tried to make some correction, but a minded-eye is the best one. This reason, all the matches are displayed and you have to decide (simply your are given all the informations to do that)

:p

Bye

Corrected the reference for the IPs. Now it links to user.php itself (user.php?s=&action=doips&ipaddress=....) to find all the user with that IP.

Please, re-download the attachment, if done before this post.
Thanks.
Bye


P.S.: actually the resolve IP function is already made within standard vb php files. The above link, if you prefer, could be:
adminlog.php?s=&action=resolveip&ip=....
Wysiwyg!
:rambo:

Very useful hack!!
Thanks!

This Hack don't work for me. :(
IE can't find user.php?action=finddupe on my server.

???
?action=finddupe IS EXACTLY the hack.
Have you installed it ?
How could you say it doesn't work ? :cry: :surprised:

It works now. :rambo:

I wrote instead of Maybe you have to edit your Atachment
Realy nice hack.
Thank you.