Junior Spellweaver
- Joined
- Feb 6, 2013
- Messages
- 196
- Reaction score
- 25
Hi,
I created a small "extra security" feature for RevCMS. I've had problems with scams on my hotel, people get into eachothers account because they are using the same passwords everywhere.
Anyhow, this extra security saves the date & IP for each login for every user. Using a seperate table and a simple mysql_query in class.users. Might be helpful for some of you. So you can compare IPs if someone were scammed. If someone is using VPN then sure this tool wont be as helpful, but you can atleast confirm if some scammer logged into someones account or not. (this is 99,9% accurate if you are using VPN block as I am)
Run this query.
Then, add this code below $template->form->unsetData(); in class.users.php
This saves the date and IP for each login for a players account.
This could be improved in many ways, please come with suggestions if you'd like.
I created a small "extra security" feature for RevCMS. I've had problems with scams on my hotel, people get into eachothers account because they are using the same passwords everywhere.
Anyhow, this extra security saves the date & IP for each login for every user. Using a seperate table and a simple mysql_query in class.users. Might be helpful for some of you. So you can compare IPs if someone were scammed. If someone is using VPN then sure this tool wont be as helpful, but you can atleast confirm if some scammer logged into someones account or not. (this is 99,9% accurate if you are using VPN block as I am)
Run this query.
Code:
CREATE TABLE `iplogins` ( `userid` int(11) NOT NULL, `ip` varchar(211) NOT NULL, `date` varchar(11) NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Then, add this code below $template->form->unsetData(); in class.users.php
PHP:
mysql_query("INSERT INTO iplogins (`userid`, `ip`, `date`) VALUES ('".$_SESSION['user']['id']."', '".$_SERVER["HTTP_CF_CONNECTING_IP"]."', '" . date('d/M/y', time()) . "')") or die ("Error in query: ".mysql_error());
This saves the date and IP for each login for a players account.
This could be improved in many ways, please come with suggestions if you'd like.
Last edited: