Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 05-14-2005, 01:12 AM
Skyline_GT Skyline_GT is offline
 
Join Date: May 2003
Location: Vancouver, BC
Posts: 482
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Ip verify when login

I wonder is it possible to do this? When they login, it will verify to the ip that they used when they register? I think this is a good security feature.
Reply With Quote
  #2  
Old 05-14-2005, 01:24 AM
KTBleeding's Avatar
KTBleeding KTBleeding is offline
 
Join Date: Feb 2004
Location: Tooele, UT
Posts: 756
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Not THAT bad of an idea, but that means they won't be able to login from a school / work / other computer.
Reply With Quote
  #3  
Old 05-14-2005, 03:20 AM
Tekton Tekton is offline
 
Join Date: Jun 2004
Location: Wisconsin
Posts: 362
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Wouldn't be too hard, but I would strongly recommend against it. (see what KTB said).

You'd have to store the IP at registration; you could make a new field for that in the user table and then just go into the (functions_register?) and add it in for the address. $_SERVER['REMOTE_ADDR'] is what you need for their IP I think.

functions_login.php is the file you will have to match their IP to the IP stored in the user field.
Reply With Quote
  #4  
Old 05-14-2005, 03:29 AM
Skyline_GT Skyline_GT is offline
 
Join Date: May 2003
Location: Vancouver, BC
Posts: 482
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I think there should be an option when they register or they can active or deactive the option in their user cp.

Can you post a more detail instruction please?
THanks.
Reply With Quote
  #5  
Old 05-14-2005, 04:01 AM
Tekton Tekton is offline
 
Join Date: Jun 2004
Location: Wisconsin
Posts: 362
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Skyline_GT
I think there should be an option when they register or they can active or deactive the option in their user cp.

Can you post a more detail instruction please?
THanks.
Well, I'm not going to go through the usercp option right now, but assuming you stored the IP address in a user table field, named "reg_ip" or something.

in includes/functions_login.php, find:
PHP Code:
if ($bbuserinfo $DB_site->query_first("SELECT userid, usergroupid, membergroupids, username, password, salt FROM " TABLE_PREFIX "user WHERE username = '" addslashes(htmlspecialchars_uni($username)) . "'"))
{
if (
$bbuserinfo['password'] != iif($password AND !$md5passwordmd5(md5($password) . $bbuserinfo['salt']), '') AND$bbuserinfo['password'] != md5($md5password $bbuserinfo['salt']) AND $bbuserinfo['password'] != iif($md5password_utfmd5($md5password_utf $bbuserinfo['salt']), '')
){return 
false;} 
and CHANGE TO:
PHP Code:
if ($bbuserinfo $DB_site->query_first("SELECT userid, usergroupid, membergroupids, username, password, salt, rep_ip FROM " TABLE_PREFIX "user WHERE username = '" addslashes(htmlspecialchars_uni($username)) . "'"))
{
if (
$bbuserinfo['password'] != iif($password AND !$md5passwordmd5(md5($password) . $bbuserinfo['salt']), '') AND $bbuserinfo['password'] != md5($md5password $bbuserinfo['salt']) AND $bbuserinfo['password'] != iif($md5password_utfmd5($md5password_utf $bbuserinfo['salt']), '')
){return 
false;}
if (
$bbuserinfo['reg_ip]!=$_SERVER['REMOTE_ADDR']){return false;} 
I'm pretty sure that'd do the right thing. But you'd need to add a condition to check if that field was blank, etc and not run that condition to prevent lock-out. Do you know how to add the code you need to the registration php?
Reply With Quote
  #6  
Old 05-14-2005, 06:18 AM
Skyline_GT Skyline_GT is offline
 
Join Date: May 2003
Location: Vancouver, BC
Posts: 482
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

please list it ..
THanks..

BTW: is it poissble that it only applies to a certain usergroup? I think based on usergroup is better for me.
Reply With Quote
  #7  
Old 05-14-2005, 08:54 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

First of all, the registration IP is already stored in the user table. That is out of the box behaviour for vB.

About checking this: very bad idea, don't do it!!!
What about people on dynamic IP's?
Reply With Quote
  #8  
Old 05-14-2005, 02:49 PM
Tekton Tekton is offline
 
Join Date: Jun 2004
Location: Wisconsin
Posts: 362
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

oh, I didn't know it stored it already. One less thing to do, I guess~
Reply With Quote
  #9  
Old 05-15-2005, 12:11 AM
aloha aloha is offline
 
Join Date: Jan 2004
Posts: 55
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

AOL has that security feature key, could this be implemented INSTEAD of the IP verification? So that we can use this passcode key to login? That would own. :devious: I used to work for them in the customer service department and this would be how we logged in from our homes and so forth... I've never had any of my accounts compromised in any shape or form. It's now a premium feature on AOL for those that want an extra layer of security on their account.

I believe its ran by RSA Security.
Reply With Quote
  #10  
Old 05-15-2005, 12:15 AM
angelicGrace angelicGrace is offline
 
Join Date: Jun 2004
Location: Up in the clouds
Posts: 100
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Sounds great, but you ay have members that have an isp like mine that rotates their ip addy. mine has been known to change has many as 15 times in one day. It could cause you more problems than it is worth.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:04 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04488 seconds
  • Memory Usage 2,271KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_php
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete