Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Multiple account login detector (AE Detector) Details »»
Multiple account login detector (AE Detector)
Version: 1.00, by MPDev MPDev is offline
Developer Last Online: Dec 2016 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 3.6.0 Rating:
Released: 09-04-2006 Last Update: Never Installs: 1908
 
No support by the author.

Mod of the Month winner!
Top 10 most installed mods for vB3.6!

Same plug-in found here:

https://vborg.vbsupport.ru/showthread.php?t=107566

There are no differences as this plug-in works with both 3.5 and 3.6 versions of vBulletin.


If you are like me and migrated from .threads, a common modification was an "AE detector", a simple mod that saved a cookie of a history of ids logged into on your site. If someone logged into more than one account, you got a PM letting you know that your site was being accessed from multiple accounts.

Over the years this was very helpful in identifying users who were posting under multiple accounts (alter-egos!) and users who would return after being banned.

You might be wondering why I don't use the vbcookie call - well, thats because on logout all vB cookies are cleared, so we need to store a cookie that is not effected by the login/logout process.

New Installation
1. Add New Product with attached XML
2. Go to vBulletin Options -> AE Multiple Login Detection Settings and set your specific settings.

Time to install: Easy - 2 minutes.

Upgrade
If you installed this as a Plug-in manually, you can delete that plugin and install this Product, just make sure to go into the Options and set them accordingly.

I hope you find this useful and will click INSTALL if you use it; should it prove useful to enough people I can look at making this installation more automated without the need for edits and an Admin Options page.

To upgrade you will want to reimport this XML file and edit your options accordingly.

1.0.3
-----
. Added a check to ensure that users weren't deleted when reporting violations
. added htmlspecialchars_uni call to username

Note: I am unable to get the call to construct_phrase with $vbphrase['multiplelogin_alert'] to work reliably, as such the $message variable is still set manually inside the plug-in and not via the phrase. If anyone has an idea of why this might not always work, I'm all ears.

1.0.2
-----
. Updated to include exclusion groups, users
. Changed so PM is sent by ae sender id

1.0.1
-----
. Released as a Product (thank you PHPGeek2k3 for your help)
. Added option to post to a forum versus send a PM (or both)
. All settings moved into Admin Option

1.0.0
-----
Initial release.

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Благодарность от:
too_cool_3

Comments
  #212  
Old 06-25-2007, 07:23 AM
Spinball's Avatar
Spinball Spinball is offline
 
Join Date: Feb 2002
Location: Telford, England
Posts: 705
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mfyvie View Post
Just to give everyone some advanced warning: I've had permission from MPDev (developer of this mod), to overhaul and extend it. I've started this process and am testing it on my own system. When it is ready, I will release the "enhanced version".

I'm doing this because I get about 3-5 duplicate accounts per day and the workload with having to deal with this is too much.

Examples of new features being added is the ability to send "please explain" PMs to offenders who have been detected with multiple accounts. This cuts down on the amount of work someone has to do - they simply wait for the reply. Notification messages can also be appending to an existing thread (rather than a new thread started each time).

The changes will also mean that the mod will be fully phrased based and the notification messages themselves will contain more useful information as well as links to various handy functions (like ban).

I'm also looking at making it more database-based - in that each cookie will be assigned a unique serial number. This will bring many advantages - such as the ability to exempt a particular computer from the check, rather than having to exempt the users themselves.

Just wanted to let those of you who are interested know - so you can watch out for it when it is released. I can't give you a promise at this stage when that will be - maybe a couple of weeks.
Excellent - thanks.
Reply With Quote
  #213  
Old 06-25-2007, 04:45 PM
YabbaDabba YabbaDabba is offline
 
Join Date: May 2004
Posts: 122
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mfyvie View Post
Notification messages can also be appending to an existing thread (rather than a new thread started each time).
MOST excellent!

Also, and you may have anticipated this already, but it would be useful to allow admins to reset the AED if their userID counts have been reset. Perhaps this means a timestamp or AED version number in the cookie.

And once an overlap has been reported for a particular pairing, it would be useful to stop further reports of that particular pairing. That is, once users A and B are reported as overlapping, it isn't necessary to report it again. But this should not stop new overlap reports for A and C, or B and C, from being made.
Reply With Quote
  #214  
Old 06-25-2007, 06:51 PM
mfyvie mfyvie is offline
 
Join Date: Mar 2007
Location: Zurich, Switzerland
Posts: 336
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Just an update on this:

I've completely rewritten the back-end (the old mod was only the backend), but I've yet to write the front end which will allow easy management of all the reports, cookies etc. At the moment the new version is running on my production forum (around 3000 visits per day), so I'd like to keep running it to make sure it is stable and works as it is supposed to. So far, so good.

The new features are too numerous to mention, but it does import the old cookies from the original version, so there's a pretty much seamless upgrade path between the old and the new version.

I'm not sure when this is going to be ready, but I would guess about 1 month, most of the difficult logic and tricky testing was done in the backend, so writing the front end should hopefully be simpler.

Now onto your suggestions:

Quote:
Originally Posted by YabbaDabba View Post
MOST excellent!

Also, and you may have anticipated this already, but it would be useful to allow admins to reset the AED if their userID counts have been reset. Perhaps this means a timestamp or AED version number in the cookie.
Cookies contain a unique cookieID which ties back to the database, userids on the cookie and the first visit on that cookie, as well as an MD5 hash of the cookie contents. Everything is based on userids, so to be honest if someone resets all their userid numbers (why would someone want to do this) then it won't work anymore. Thankfully the fix in this situation would be easy - the admin would have to drop all the records from the AED tables (can someone tell me what AED is supposed to stand for, I should really know since I'm writing it - the A and the D I get, but the E?).

If during the login process the cookie ID on the PC is not found in the DB then it will be removed from the machine and a fresh cookie issued - in this way it would solve the problem you've just described. This functionality has already been tested.

Quote:
Originally Posted by YabbaDabba View Post
And once an overlap has been reported for a particular pairing, it would be useful to stop further reports of that particular pairing. That is, once users A and B are reported as overlapping, it isn't necessary to report it again. But this should not stop new overlap reports for A and C, or B and C, from being made.
I've implemented this a little differently. Firstly the same users logging into the same cookie will not raise another report (that is also how it worked in the old/current version). Before you had the choice just to exempt users, but now you can exempt a cookie as well. The advantage of exempting a cookie is that all subsequent users won't be reported (unless they go to another computer and log in). This is useful for a PC where many people share it (like a common PC in a work cafeteria for example).

Of course if you've exempted a cookie and it gets cleared, then you'll get the report again unless the users have been exempted.

The main thing that used to bug me with the old one was having to retrieve the userids and enter them into that comma separated list. This will be much easier in future! The system also automatically PMs offenders and asks them to explain. If they don't, you can have them automatically banned or suspended within a configurable period of time. There's also an option to immediately ban users who register from a computer where a banned user has logged in...
Reply With Quote
  #215  
Old 06-25-2007, 07:57 PM
nocte nocte is offline
 
Join Date: Jan 2006
Posts: 59
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hi, here are my suggestions:
  • The reports should be searchable. So if you enter a specific user name in the searchbox you should find the reports.

  • The system info (e.g. browser, os, screen resolution, ..) as well as the IP-Adress(es) should be within the report. In some cases this might be helpful. It would be also helpful to have for each posting the system info saved to have a thrid way to compare users (appart from shared IP-Adress and cookie)

  • The first save date of the cookie should be reported.

  • I'd love to have a automatic cronjob that searched once a day for users who were during the last 24 hours online with the same ip-adress. We have a very huge forum that is a few years old so searching for a specific ip often shows dozens of users who accidently had the ip-adress during the last years.
Reply With Quote
  #216  
Old 06-26-2007, 08:25 AM
mfyvie mfyvie is offline
 
Join Date: Mar 2007
Location: Zurich, Switzerland
Posts: 336
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by nocte View Post
The reports should be searchable. So if you enter a specific user name in the searchbox you should find the reports.
The actual interface will be concerned more with dealing with the current issues - such as tracking new reports and resolving them, so it won't deal too much with history. However, each time an incident is reported it can be sent as a PM, started as a new thread in a given area or appended to an existing thread. Each report contains detailed information about each user found on the cookie. If you keep this information you can then use the advanced search features of VB to locate the info you need.

Quote:
Originally Posted by nocte View Post
The system info (e.g. browser, os, screen resolution, ..) as well as the IP-Adress(es) should be within the report. In some cases this might be helpful. It would be also helpful to have for each posting the system info saved to have a thrid way to compare users (appart from shared IP-Adress and cookie)
I have deliberately left out IP address and browser info from the reporting. Why? IP address is becoming more and more useless as a way to track users - that's the whole idea behind the cookie-based approach. Many users are logging on via proxies (for example when they are at work), or are using dynamically allocated address which are changing often. Including the IP really would be of limited use.

What about browser details? Since our cookie is tied to that specific browser, why do we need these details? How will it help? All we need to know is that a cookie with a given ID is tied to a particular computer. I don't want to include detail in the report unless it is really useful.

However, the report does mention how many times a user has been allocated a cookie, and warns if this number is too high - could indicate cookie deleting behaviour. However, users who delete their cookies after each session will probably never be caught by this hack anyway.

Quote:
Originally Posted by nocte View Post
The first save date of the cookie should be reported.
Yes, the first time each user is added to a cookie this date is saved both in the cookie and in the DB. It is also mentioned in any reports.

Quote:
Originally Posted by nocte View Post
I'd love to have a automatic cronjob that searched once a day for users who were during the last 24 hours online with the same ip-adress. We have a very huge forum that is a few years old so searching for a specific ip often shows dozens of users who accidently had the ip-adress during the last years.
Such a feature is out of scope for this mod and has nothing to do with any of its functions. However, you should be able to do this with a simple SQL query, or write such a cronjob yourself. Remember that people who work in the same company would be flagged with this. Most of my users are in the same country, so such a report would produce so many false positives that it would keep me busy investigating them all!!

I'll post some samples a bit later on about how some of the reports look that are running on my forum at the moment.
Reply With Quote
  #217  
Old 06-26-2007, 08:48 AM
Darat Darat is offline
 
Join Date: Aug 2004
Posts: 329
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

AED - I've always thought it stood for "alter ego detector".
Reply With Quote
  #218  
Old 06-26-2007, 01:40 PM
mfyvie mfyvie is offline
 
Join Date: Mar 2007
Location: Zurich, Switzerland
Posts: 336
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ok everyone - it's time to show you some goodies of how this product looks so far. As I said earlier only the backend is done (a few minor tweaks to do), but you can see a few things in the meantime.

The program is keeping a running log. This is basically a development feature I put in to track how the flow of the program through the various bits. But actually it turned out kind of cool.

This is what the standard text looks like for an alert message raised to the admins:

(note that I have removed personal info like email address)

Quote:
Duplicate Account Alert

Multiple users have been detected using the same computer. The following details are available:

Unique cookie ID: 241
Date cookie dropped: 10:38, 24th Jun 2007
Cookie first dropped for: Francko

Manage or configure options for this computer(cookie) here or for all cookies here.

User Details

Username (ID): Francko (4353)

First seen on this cookie: 10:38, 24th Jun 2007
Last seen on this cookie: 10:38, 24th Jun 2007
Cookies used last 720 days: 2
Cookies used last 30 days: 2
Joined date: 02:06, 17th Apr 2007
Last activity: 02:40, 23rd Jun 2007
Number of posts: 1
Email address: ****@hotmail.com
Ban status: Not banned (Ban this user)

The following profile information is recorded for this user - Location: -

---

Username (ID): Egla (4630)

First seen on this cookie: Imported from legacy cookie
Last seen on this cookie: Imported from legacy cookie
Cookies used last 720 days: 0
Cookies used last 30 days: 0
Joined date: 22:56, 24th Apr 2007
Last activity: 13:46, 19th Jun 2007
Number of posts: 14
Email address: ****@yahoo.co.uk
Ban status: Not banned (Ban this user)

The following profile information is recorded for this user - Location: London

---

This report was generated by a modification for vBulletin that detects multiple users using the same computer. Details for this modification can be found here.
The users can also get a PM. This is what they look like on my system, but the standard version of the product will have different, more generic text:

Quote:
Dear test03,

We've recently had reason to believe that either someone else has been using your account, or that you may have two accounts on this system.

Sometimes we make mistakes, so we'd just like to check whether you are using more than one account. Please take a moment to read through this information, which outlines our policy.

It may explain why we have sent you this message.

We'd be grateful if you could clarify this situation for us. Please note: If we do not hear from you in 7 days, or by 29.06.2007, your account will be automatically banned. If this is an honest misunderstanding, please accept our apologies in advance

Thanks for your understanding and co-operation in this matter.
I've still got a few minor tweaks like adding info to the admin reports that a user will get a PM and whether or not they will be banned or suspended, and how much time they have left.

Please also see screenshot attached to this post.
Reply With Quote
  #219  
Old 06-26-2007, 06:10 PM
nocte nocte is offline
 
Join Date: Jan 2006
Posts: 59
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mfyvie View Post
I have deliberately left out IP address and browser info from the reporting. Why? IP address is becoming more and more useless as a way to track users - that's the whole idea behind the cookie-based approach. Many users are logging on via proxies (for example when they are at work), or are using dynamically allocated address which are changing often. Including the IP really would be of limited use.
Imagine this situation (we accutally have this issue):

There?s a Club with a public internet terminal. Many forum users log in there.

The Club?s owner has an account too as well as many more fake accounts to promote his club.

Sometimes the owner uses his own PC ? so we can be quite sure that in that case all multiple accounts are fake accounts.

Sometimes the owner uses the public PC ? in that case we can?t distinguish between normal users and the owner?s fake accounts.

So let?s imagine the owner clears the browser cache on his private computer and logs in again with several of his accounts. In this case we have to wait and watch again for a while till we can guess whether he?s using the public or the private PC (in other words: if we can ban all multiple accounts or if there may be normal users among them)

Did I make myself clear? When public computers are involved it may be very comfortable to have system data as well.
Reply With Quote
  #220  
Old 06-26-2007, 11:19 PM
NeitherSparky's Avatar
NeitherSparky NeitherSparky is offline
 
Join Date: Aug 2006
Location: Sacramento, CA
Posts: 118
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mfyvie View Post
Please also see screenshot attached to this post.
I'm NeitherSparky and I approve this mod. Looks great!
Reply With Quote
  #221  
Old 06-27-2007, 11:16 AM
Bravo Bravo is offline
 
Join Date: Nov 2006
Posts: 67
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by mfyvie View Post
Ok everyone - it's time to show you some goodies of how this product looks so far. As I said earlier only the backend is done (a few minor tweaks to do), but you can see a few things in the meantime.

The program is keeping a running log. This is basically a development feature I put in to track how the flow of the program through the various bits. But actually it turned out kind of cool.

This is what the standard text looks like for an alert message raised to the admins:

(note that I have removed personal info like email address)

The users can also get a PM. This is what they look like on my system, but the standard version of the product will have different, more generic text:

I've still got a few minor tweaks like adding info to the admin reports that a user will get a PM and whether or not they will be banned or suspended, and how much time they have left.

Please also see screenshot attached to this post.
do you have a beta for this that can be used?
looks awesome nice job so far
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:06 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05983 seconds
  • Memory Usage 2,352KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (13)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (1)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete