Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Multiple Account Detection & Prevention Details »»
Multiple Account Detection & Prevention
Version: 1.1.3, by Kiros72 Kiros72 is offline
Developer Last Online: Nov 2023 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 3.7.x Rating:
Released: 12-16-2008 Last Update: 03-31-2009 Installs: 1039
Uses Plugins
Additional Files Translations  
No support by the author.

It happens all of the time. Some members will make multiple accounts to back their own opinion or get an extra vote in a poll. Here's a modification that will detect and prevent multiple accounts, as well as notify the administration about multiple accounts. Inspiration for this modification came from the work of MPDev (creator of the Multiple Account Login Detector) and randominity (creator of the Multiple Account Registration Prevention). This is basically a combination of those two modifications but with new and improved functionality.

This is not an update to the "Multiple Account Login Detector (AE Detector)" nor is it an update to the "Multiple Account Registration Prevention." If you have either one of these (or both of them) installed, you should uninstall them before installing this modification.

With the initial release of Multiple Account Detection & Prevention, I believe that I have fixed previous bugs/complications as well as improved the efficiency and logic of the code. This is my first publicly released modification. I would appreciate any comments and suggestions!

Confirmed! This works perfectly on all vBulletin 3.6, 3.7, and 3.8 versions.

Unfortunately, I cannot give support right now. I may be able to help periodically, but until my schedule yields some more free time, I won't be much support. Please check back in a week or two.

Basic Details
File Edits: None
Template Edits: None
New Files: 6
Hooks/Plugins: 3
Global Phrases: 36
Install Time: 2 Minutes or Less
Install Difficulty: None, Very Easy

Features and Settings
- Login Detection
- Registration Prevention (Multiple Methods)
- Ignore Child Accounts
- Ignored Users
- Ignored Usergroups
- Ignored ISPs
- Prevention Usergroup
- IP Address Based Prevention
- Extended IP Address Prevention
- IP Address Time Inclusion
- Banned Account Check
- Primary Banned Usergroup
- Cookie Expiration Time
- Cookie Refreshing
- Cookie Name
- Cookie Reset
- Multiple Account Reporter
- Reports via PM
- PM Report Recipients
- Reports via New Thread
- Forum for Report Threads
- Verbose Mode
- BB Codes: LIST, URL, CODE

How it Works
With every newly recognized login/registration, an account-counting cookie is set (or added onto) with the member's User ID. Depending on the settings, Multiple Account Detection & Prevention will analyze the cookie during login/registration to see if there are any multiple accounts.

Login Detection offers cookie-checking and reporting. Registration Prevention offers the same thing, plus more advanced features. First of all, when it prevents an account from registering, it actually moves the registrant to the Prevention Usergroup so that the administration can review the case. This also allows for customized privileges for recognized multiple registrants. Registration Prevention also has IP address detection which finds out just as much information about users. Depending on an administrator's preference, this modification can also reban a new registrant if one of their previous accounts has been banned. In fact, if the administration wishes, multiple registrants can simply be denied registration all together.

Whenever there is a detection/prevention, the modification will report the information to the administration through private messages, a new thread, or both (depending on settings). The Multiple Account Reporter can be any valid user.

Known Issues
- vB Optimise users: Reporting via thread seems to get messed up by vB Optimise, so try reporting via PM instead.
- PhotoPost vBGallery users: The registration handling appears to not work properly when PhotoPost vBGallery is enabled.

From what I can tell, these known clashes have been caused by the other modification's coding. The author of vB Optimise will not even work with me to fix it. Until they improve their coding, I'm not sure if I can do anything about these issues. As far as I know, administrators that do not use the above modifications will not have any problems.

Installation / Upgrade
Unzip the package (madp.zip), upload the files to your forum location, and import the product file (allow overwrite if upgrading). Please read the ReadMe.txt file that is packaged with the modification for more information.

Please remember to mark this modification as installed if you use it!
If you like it, nominate it for the Mod of the Month!

Thank you!

Download Now

File Type: zip madp.zip (22.3 KB, 4977 views)

Screenshots

File Type: png admincprep.png (62.6 KB, 0 views)
File Type: png admincpop1.png (65.8 KB, 0 views)
File Type: png admincpop2.png (50.6 KB, 0 views)
File Type: png threadregverbose.png (40.3 KB, 0 views)
File Type: png threadloginverbose.png (34.7 KB, 0 views)
File Type: png threadregip_disallow.png (83.3 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
3 благодарности(ей) от:
aeturner89, Filgga, ricardoNJ

Comments
  #22  
Old 12-18-2008, 12:03 AM
Forum-Germany Forum-Germany is offline
 
Join Date: Nov 2008
Posts: 70
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If I hack your (zip) unzip, I get a folder. / Upload / madp.
Do I have this folder in the root add?

www.Forum-Germany.de/Forum/madp/ <- really?

So I copy your php files with others in the root, but the whole folder.
Reply With Quote
  #23  
Old 12-18-2008, 12:06 AM
Kiros72 Kiros72 is offline
 
Join Date: Apr 2006
Location: Albany, LA - USA
Posts: 215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The entire folder should be copied. After the upload, you should have this:

www.forum-germany.de/forum/madp/detection.php
www.forum-germany.de/forum/madp/functions_madp.php
www.forum-germany.de/forum/madp/prevention.php
www.forum-germany.de/forum/madp/set.php

(IF www.forum-germany.de/forum/ is the location of your forums!)

The product file (product-kiros_madp.xml) also needs to be imported through the AdminCP product manager.
Reply With Quote
  #24  
Old 12-18-2008, 12:11 AM
Forum-Germany Forum-Germany is offline
 
Join Date: Nov 2008
Posts: 70
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thank you. I have it installed. It has 20 seconds.

But I'm still worried that hackers can use this folder to a virus or something in my forum to bring.
If I were a htaccess file would create, how must it look like? can you please tell me? : o I am sorry that I pester.
Reply With Quote
  #25  
Old 12-18-2008, 12:18 AM
blind-eddie's Avatar
blind-eddie blind-eddie is offline
 
Join Date: Apr 2006
Location: Michigan
Posts: 2,310
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by blind-eddie View Post
On my site, I have a few members who live in the same address. If they both take turns on their pc, this will detect them & ban them?

Is there a way to stop that from happening. If not, this could be a bad idea for some boards.


Quote:
Originally Posted by Kiros72 View Post
When they login, nothing will be done except a detection report. A user will not be affected unless he/she is registering - in which case, the registrant will be moved to the Prevention Usergroup or rebanned if a previous account is found to be banned. Again, the Login Detection will not prevent a user from logging in nor will it ban anyone; it will just notify you through PM/thread depending on your settings.

If you do not want to receive the notifications for those users who use the same computer, then add one of their User ID numbers to the Ignored Users and enable Ignore Child Accounts. With Ignore Child Accounts enabled, as long as a user is seen as a multiple of an ignored user (or Usergroup), the user will be ignored from any kind of detection.

Would that solve your problem?
Yes, that would solve my problem, Thank you.:up:
Reply With Quote
  #26  
Old 12-18-2008, 02:19 AM
Kiros72 Kiros72 is offline
 
Join Date: Apr 2006
Location: Albany, LA - USA
Posts: 215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Forum-Germany View Post
Thank you. I have it installed. It has 20 seconds.

But I'm still worried that hackers can use this folder to a virus or something in my forum to bring.
If I were a htaccess file would create, how must it look like? can you please tell me? : o I am sorry that I pester.
I'm not sure that there would be a way to disallow public access but to allow vBulletin to still use it. This is partially why a .htaccess file is not included in this modification. The majority of the reason is because there is no way that any of these files can be used improperly. None of these files use $_GET, $_REQUEST, or $_POST. Only $_COOKIE is used and that will not even get called if someone manually accesses the files. You should not worry about this.

If you know how, you can simply copy the code from the files to the plugins, but this will make vBulletin consistently use more memory. The modification is coded with files to make everything faster and more efficient. Again, the files do not add any risk because they are only useful if vBulletin uses them - not if some person tries to.

Quote:
Originally Posted by blind-eddie View Post
Yes, that would solve my problem, Thank you.:up:
Notta problem. Just remember to mark it as installed for updates
Reply With Quote
  #27  
Old 12-18-2008, 11:59 AM
Forum-Germany Forum-Germany is offline
 
Join Date: Nov 2008
Posts: 70
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

ok I do not install htaccess.

another problem:

I was with the IE as admin and registered with the FF as a user. but there is no double account displayed. pn, etc. did not set anything.
Reply With Quote
  #28  
Old 12-18-2008, 01:33 PM
1320Nation 1320Nation is offline
 
Join Date: Sep 2008
Posts: 246
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What is the main difference between your mod and this here: https://vborg.vbsupport.ru/showthrea...Login+Detector
Reply With Quote
  #29  
Old 12-18-2008, 01:38 PM
Forum-Germany Forum-Germany is offline
 
Join Date: Nov 2008
Posts: 70
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

That is but in the description.
Reply With Quote
  #30  
Old 12-18-2008, 05:23 PM
my evil twin my evil twin is offline
 
Join Date: Mar 2008
Location: Germany
Posts: 11
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Forum-Germany View Post
2nd why no htaccess file? dan but everyone can access it or I see this wrong? I do not want a door for a hacker up. do you?
Why don't you disable open directory listing, or just upload a blank "index.html"-file to this folder?

nobody can access your directory then without knowing the exact filenames.
Reply With Quote
  #31  
Old 12-18-2008, 06:07 PM
ray- ray- is offline
 
Join Date: Dec 2003
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice mod. Found a small error in 2 phrases.
In madp_reg_message:
Code:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered. {4}
madp_regip_message:
Code:
A new account by the name of {3}/member.php?do=getinfo&amp;username={1}]{1} has been registered with the IP address: {5}. {4}
(I removed the URL-tags in the above to avoid being displayed as links)
The &amp; isn't being parsed. The link will now show up as
Code:
http://www.forum.com/member.php?do=getinfo&amp;username=ray
and it should be
Code:
http://www.forum.com/member.php?do=getinfo&username=ray
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:43 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09215 seconds
  • Memory Usage 2,366KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (3)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (7)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete