[GsxrTony]

[QUOTE]Originally posted by Mutt
firefly, I've added alittle to your hack

Here's the chunk of code that needs to be added to 2 files

PHP Code:

            // email alert
            $ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("REMOTE_ADDR"),$HTTP_HOST);
            $iphostname = @gethostbyaddr($ipaddress);
            if ($HTTP_COOKIE_VARS['bbuserid']) {
                $realuserid = $HTTP_COOKIE_VARS['bbuserid'];
                $realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$realuserid'");
                $MessageAddon .= "\nThier cookie identifys them as ".addslashes($realusername[username]."\n");
            }
            if ($sessionids=$DB_site->query("SELECT userid FROM session WHERE host='$ipaddress' AND userid>0 GROUP BY userid")) {
                while ($sessionid = $DB_site->fetch_array($sessionids)) {
                    $realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$sessionid[userid]'");
                    $MessageAddon .= "\nSessions identifys them as ".addslashes($realusername[username]);
                }
            }
            $message="Someone is trying to login to the $bbtitle control panel!\nThe Script was : $PHP_SELF\n\nUsername they tried to use: $loginusername\nPassword they tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname\n\nSearch for members using this ip\n $bburl/admin/user.php?action=doips&s=&ipaddress=$ipaddress\n$MessageAddon";
            mail($webmasteremail,"Warning: vBulletin Admin Login Attempted",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");
            // email alert 


the first addition is in sessions.php as instructed by firefly

it goes right after

PHP Code:

 if (md5($loginpassword)!=$bbuserinfo[password]) { 


then second additon is in adim/global.php

and it goes right after

PHP Code:

$getperms=$DB_site->query_first("SELECT cancontrolpanel FROM user,usergroup WHERE user.usergroupid=usergroup.usergroupid AND user.userid='$bbuserinfo[userid]'");
if ($getperms[cancontrolpanel]!=1) { 


now you'll get an email like this



now the email gets sent for any incorect login instead of just ones with a correct username and wrong password. If they are somehow listed in sessions under multiple userids, (logged on and then logged on again under a second account) you'll get them all.

Firefly, thanks for this. I really like it and plan to keept expanding it. Security is key. I have a bunch of jerkoffs at my Stern site and have been pushing off upgrading it to VB until I had lots of admin tools like this little email notice.

I'll be doing something very similar to this which will be used to track multiple accounts.

Hey people, let me know if you have any problems with this