34 replies to this topic

[Michael]

File Name: (FSY22) IP Change Tracker v1.0
Author: Michael
Category: IP.Board v2.2.x Mods
Description:
Allows you to verify that members from selected member groups are accessing the board using an authorized IP address. If they try to access the board using an IP address not associated with their account they will be blocked from logging in. The administrators have the ability to track who has been blocked by this, and to approve new IP addresses for these members. The final octet in the IP address is always wild-carded to avoid problems with users on multiple PCs in the same house, or dynamic IP addresses.

Requirements:
This mod was designed to be installed using the Universal Mod Installer, available from IPS Resources or Invision Modding.

Files Affected:

• sources\action_public\register.php
• sources\classes\class_session.php

Purchase (FSY22) IP Change Tracker v1.0
Cost: $25 (USD)	Buy Now

Before purchasing this Modification, be sure to review the Terms and Conditions.

[nickos]

Curious. If I got this on our 2.2.x boards, if updated to 2.3.x would it still work and if not will this be available on 2.3.x sometime?

[Michael]

It will work fine on both 2.2 or 2.3.

[nickos]

Ok.

I'm assuming this is for the boards only, not regarding ACP? (I know there was some mod out there to regulate the allowed IP's for admin users before, anyway).

And I'm a little hesitant with the idea. If we have boards used by about 100 people, then this could possibly turn out to be a big burden, right? I guess I'd have to be familiar with how many different IP's on average each user will have. Probably more of a problem initially, though security-wise it does sound pretty attractive.

Edit: Quick question to add. How does it work when you install it and already had members on the boards? I'm guessing the original IP new members register with are their allowed IP's when viewing boards. But when this is installed initially with users already existing on the boards, will it adopt the first IP they use or what?

Edited by nickos, 06 August 2007 - 09:14 PM.

[Michael]

I can tell you this much, the person I wrote this mod for was using it for a very closed forum where drastic IP changes would be rare, probably in like an office setting.  If your site has people that access the board regularly, this might indeed become more problem than it is worth.

When you first install the mod, the 'approved address' saved for each member is the address they used when they register, the installer sets that up.

[nickos]

Sorry to bug you again, but does this cover the boards as well as admin, or just the boards?

Also thanks for the replies thus far.

Edited by nickos, 07 August 2007 - 06:51 AM.

[Michael]

Just the boards.

[hiroshidw]

this is a Bittorrent Tracker?

[Neville]

this is a Bittorrent Tracker?

ROFL, that's funny.

Description:
Allows you to verify that members from selected member groups are accessing the board using an authorized IP address. If they try to access the board using an IP address not associated with their account they will be blocked from logging in.

[Depot]

Many banks use this feature to prevent anyone from accessing your account online if they attempt to from an IP other than the one it was registered on. It even prompts you for secret codewords if you clear your cookies.

Nice mod Michael!  

[Michael]

Thanks

[gorbo]

After installing this mod I received this IPS Error:


Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND mt_owner_id= AND mt_read!=1' at line 1
IP Address: ********
mySQL query error: SELECT count(mt_id) as total FROM ibf_message_topics WHERE mt_to_id= AND mt_owner_id= AND mt_read!=1

Not sure how this would effect this mod because it looks like its pulling information from the topic and this mod Im sure doesn't lol...
The error comes from doing the edit to sources\classes\class_session.php

Here is what I have above and below that line.
Can you tell what might be causing it??

Quote

//-----------------------------------------
        // Synchronise the last visit and activity times if
        // we have some in the member profile
        //-----------------------------------------
        
        if ( $this->member['id'] )
        {
         if ( !isset($this->ipsclass->input['last_activity']) OR !$this->ipsclass->input['last_activity'] )
         {
         $this->ipsclass->input['last_activity'] = $this->member['last_activity'] ? $this->member['last_activity'] : $this->time_now;

         }
        
         if ( !isset($this->ipsclass->input['last_visit']) OR !$this->ipsclass->input['last_visit'] )
         {
$this->ipsclass->input['last_visit'] = $this->member['last_visit'] ? $this->member['last_visit'] : $this->time_now;
         }
        
//-----------------------------------------
// If there hasn't been a cookie update in 2 hours,
// we assume that they've gone and come back
//-----------------------------------------

if ( ! $this->member['last_visit'] )
{
//-----------------------------------------
// No last visit set, do so now!
//-----------------------------------------

$this->ipsclass->DB->simple_construct( array( 'update' => 'members',
  'set'    => "last_visit=".$this->time_now.", last_activity=".$this->time_now,
  'where'  => "id=".$this->member['id']
)      );

$this->ipsclass->DB->simple_shutdown_exec();

}
else if ( (time() - $this->ipsclass->input['last_activity']) > 300 )
{
//-----------------------------------------
// If the last click was longer than 5 mins ago and this is a member
// Update their profile.
//-----------------------------------------

list( $be_anon, $loggedin ) = explode( '&', $this->member['login_anonymous'] );

$this->ipsclass->DB->simple_construct( array( 'update' => 'members',
  'set'    => "login_anonymous='$be_anon&1', last_activity=".$this->time_now,
  'where'  => "id=".$this->member['id']
)      );

$this->ipsclass->DB->simple_shutdown_exec();
}

//-----------------------------------------
// Check ban status
//-----------------------------------------

if ( $this->member['temp_ban'] )
{
$ban_arr = $this->ipsclass->hdl_ban_line(  $this->member['temp_ban'] );

if ( time() >= $ban_arr['date_end'] )
{
//-----------------------------------------
// Update this member's profile
//-----------------------------------------

$this->ipsclass->DB->simple_construct( array( 'update' => 'members',
  'set'    => "temp_ban=''",
  'where'  => "id=".$this->member['id']
)      );

$this->ipsclass->DB->simple_shutdown_exec();
}
else
{
$this->ipsclass->member = $this->member;
$this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'account_susp', 'INIT' => 1, 'EXTRA' => $this->ipsclass->get_date($ban_arr['date_end'],'LONG', 1) ) );
}
}
Here is where it says to add the code....
}

//-----------------------------------------
        // Set a session ID cookie
        //-----------------------------------------
      
        $this->ipsclass->my_setcookie("session_id", $this->session_id, -1);
        
        return $this->member;
    }
    
    /*-------------------------------------------------------------------------*/
    // Build group permissions
    /*-------------------------------------------------------------------------*/
    
    function build_group_permissions()
    {
     if ( isset($this->member['mgroup_others']) AND $this->member['mgroup_others'] )
{
$groups_id    = explode( ',', $this->member['mgroup_others'] );
$exclude      = array( 'g_title', 'g_icon', 'prefix', 'suffix', 'g_promotion', 'g_photo_max_vars' );
$less_is_more = array( 'g_search_flood' );
$zero_is_best = array( 'g_attach_max', 'g_attach_per_post', 'g_edit_cutoff', 'g_max_messages' );

# Blog
$zero_is_best = array_merge( $zero_is_best, array( 'g_blog_attach_max', 'g_blog_attach_per_entry', 'g_blog_preventpublish' ) );

# Gallery
$zero_is_best = array_merge( $zero_is_best, array( 'g_max_diskspace', 'g_max_upload', 'g_max_transfer', 'g_max_views', 'g_album_limit', 'g_img_album_limit', 'g_movie_size' ) );

if ( count( $groups_id ) )
{
foreach( $groups_id as $pid )
{
if ( ! isset($this->ipsclass->cache['group_cache'][ $pid ]['g_id']) OR !$this->ipsclass->cache['group_cache'][ $pid ]['g_id'] )
{
continue;
}

[gorbo]

Gotta love the support....

[Michael]

I'm sorry, I'm not here as often as I'd like to be any more.  What exactly were you doing when you got this error?  It's an error related to counting info about how many unread PMs you have, it's not something this mod messed with.

[gorbo]

All Im doing is logging in..
And I have the same IP as I have always had.
All other members are having the same problem and its only when I add the code above to where it says to add it.

As of yet I haven't been able to use this mod

[Michael]

When you uninstall the mod, does it fix this problem?

[gorbo]

As long as I don't put this edit in the boards work fine.
When I add this edit I receive the errors.

[Michael]

Do you have some modification installed that is checking the number of unread messages you have?  I can't find the code that the error message is displaying anywhere in the core IPB files.  This mod isn't actually changing anything that can cause that error.

[gorbo]

Yes I do actually.
And it works perfectly but not with this mod.

Incompatible?
That sucks....guess I just wasted some $$

[China J]

gorbo, on Feb 17 2008, 04:55 PM, said:

Yes I do actually.
And it works perfectly but not with this mod.

Incompatible?
That sucks....guess I just wasted some $

The unread pms mod is far from perfect and definately not supported by the author at this moment. So in essence it's the unread pm mod that's not upto date. It's a 2.2.x mod rebranded with the 2.3.x series because it still worked, not because the coding was updated.

More appropriately it would have been better to ask for further help for a work around instead of the wasted money comment. I'm sure someone at the IP Resouce site would have some input on the unread pm mod as it is still available for download there.