Multiple account login detector (AE Detector)

If you are like me and migrated from .threads, a common modification was an "AE detector", a simple mod that saved a cookie of a history of ids logged into on your site. If someone logged into more than one account, you got a PM letting you know that your site was being accessed from multiple accounts.

Over the years this was very helpful in identifying users who were posting under multiple accounts (alter-egos!) and users who would return after being banned.

You might be wondering why I don't use the vbcookie call - well, thats because on logout all vB cookies are cleared, so we need to store a cookie that is not effected by the login/logout process.

New Installation
1. Add New Product with attached XML
2. Go to vBulletin Options -> AE Multiple Login Detection Settings and set your specific settings.

Time to install: Easy - 2 minutes.

Upgrade
If you installed this as a Plug-in manually, you can delete that plugin and install this Product, just make sure to go into the Options and set them accordingly.

I hope you find this useful and will click INSTALL if you use it; should it prove useful to enough people I can look at making this installation more automated without the need for edits and an Admin Options page.

To upgrade you will want to reimport this XML file and edit your options accordingly.

1.0.3
-----
. Added a check to ensure that users weren't deleted when reporting violations
. added htmlspecialchars_uni call to username

Note: I am unable to get the call to construct_phrase with $vbphrase['multiplelogin_alert'] to work reliably, as such the $message variable is still set manually inside the plug-in and not via the phrase. If anyone has an idea of why this might not always work, I'm all ears.

1.0.2
-----
. Updated to include exclusion groups, users
. Changed so PM is sent by ae sender id

1.0.1
-----
. Released as a Product (thank you PHPGeek2k3 for your help)
. Added option to post to a forum versus send a PM (or both)
. All settings moved into Admin Option

1.0.0
-----
Initial release.

[MPDev]

vB cookie clearing does not remove this cookie.

[bryanb]

Quote:

Originally Posted by MPDev

vB cookie clearing does not remove this cookie.

Great - does this cookie have a name? How would I find it? Thanks in advance.

Fantastic mod, by the way. I'm having great fun with this

[MiahBeSmokin420]

OK SERIOUSLY,

Is There Any Way That It Is Even The Slightest Bit Possable That It Could Mess Up And Detect The Wrong People At The Wrong Times And Stuff Like That?

Cause I Got People Getting Detected That I Know Personally That Live Almost 10 States Away.

And I Know You Say Its Cookie Based, And I Know What A Cookie Is And Dose Im Not Dumb.

But Honestly, What Are The Odd's Or Your Hack/Mod, Going Bad/Acting Up?

And Im Useing The Newest Version Of vB 3.6.7 PL1

[MPDev]

Nope, no way. It's entirely cookie based; as such, there is no way for the system to pick up those values from another system.

Maybe you're members are logging in from other places and just not remembering doing so.....

[Dave Hawley]

Cool hack, I've already busted a few banned users!

[Chipper]

MPDev, can you please post "the idiots guide to install & setup"?

Think this is a great thing and can't wait to start using it.. Thanks

[MPDev]

That's covered in the two steps in the initial post; you don't need to do anything else.

[symptome]

Would it be an idea to enhance this script with a possibility to send a PM to one of the users? Something like a template with text, that can be used, so that I just have to push "send" to ask the user about the reason, he's logging in more than once.

[Raydar]

Quote:

Originally Posted by symptome

Would it be an idea to enhance this script with a possibility to send a PM to one of the users? Something like a template with text, that can be used, so that I just have to push "send" to ask the user about the reason, he's logging in more than once.

G'day Mate,

With this hack you must keep in mind that there are numerous valid reasons a user would create another account from the same computer. May want to change his / her name, may have a friend of family member that also surfs your site from the same computer etc etc etc.

Sending them a PM when this happens can make your forums appear as an extremely controlled environment. If the person doesn't have a valid reason for signing up another account, they'll probably be embarassed and leave (and you lose a member). I'd be careful about questioning members for something like this.

You are better off to simply sit and watch what the two accounts do. Then you'll know for sure why the second account was made.

Good luck with it.

Reg

[bryanb]

There is one thing I've noticed - I don't know if it's a bug or not. When the AE detector detects a member with another account, I have a moderator account PM the mods and post in a private thread. This mod account assumes the perpetrators IP address.

For instance, joeblow logs in from janeblows computer - the AE announcement is sent via PM to the mods and posted in a private thread by moderator1. Moderator1 now has joeblow's IP address. Please check. Thanks!