[sbryan]

hey guys, great hack got it working on 2.2.8 with the following code

Quote:

// email alert
$ipaddress=iif(getenv("REMOTE_ADDR")!="",getenv("R EMOTE_ADDR"),$HTTP_HOST);
$iphostname = @gethostbyaddr($ipaddress);
if ($HTTP_COOKIE_VARS['bbuserid']) {
$realuserid = $HTTP_COOKIE_VARS['bbuserid'];
$realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$realuserid'");
$MessageAddon .= "\nThier cookie identifys them as ".addslashes($realusername[username]."\n");
}
if ($sessionids=$DB_site->query("SELECT userid FROM session WHERE host='$ipaddress' AND userid>0 GROUP BY userid")) {
while ($sessionid = $DB_site->fetch_array($sessionids)) {
$realusername=$DB_site->query_first("SELECT username FROM user WHERE userid='$sessionid[userid]'");
$MessageAddon .= "\nSessions identifys them as ".addslashes($realusername[username]);
}
}
$message="Someone is trying to login using your admin account!\nThe Script was : $PHP_SELF\n\nUsername they tried to use: $loginusername\nPassword they tried to use: $loginpassword (".md5($loginpassword)." in encryption)\n\nThe IP address is: $ipaddress\nThe host is: $iphostname\n\nSearch for members using this ip\n $bburl/admin/user.php?action=doips&s=&ipaddress=$ipaddress\n$Me ssageAddon";
mail($webmasteremail,"Warning: vBulletin Admin Login Attempted",$message,"From: \"$bbtitle Admin CP\" <$webmasteremail>");
// email alert

and it sends me a nice email like the following (when i tested it out myself)

Quote:

Someone is trying to login using your admin account!
The Script was : /forum/admin/index.php

Username they tried to use: XXX
Password they tried to use: XXX

The IP address is: 144.132.3.232
The host is: CPE-144-132-3-232.vic.bigpond.net.au

Search for members using this ip
http://www.xboxworld.com.au/forum/ad...=144.132.3.232

Thier cookie identifys them as XXX

Sessions identifys them as XXX

awesome stuff, way to go guys!