Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Registration IP in Access Log?  (Read 2533 times)

0 Members and 1 Guest are viewing this topic.

majay

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 33
Registration IP in Access Log?
« on: August 06, 2006, 01:40:45 am »

Hello,

First of all please forgive me if this has been asked before, but it's hard to search when the main keyword is simply "IP" :-\

I often experience multiple registrations by one single person at my gallery. I require admin validation for new users, but many people don't read anything that's written before or even after their registration, so they don't know that they're supposed to wait until their account is activated by the admin before being able to log in. Therefore many of them simply re-register with different usernames and email addresses again and again, thinking they will gain access to the gallery faster. They're usually easy to recognize, as either the usernames they use are similar to the first one they chose (ie "toto" will re-register as "toto66", then "TOTOBOY", for instance), or the email addys they use are similar. Now obviously, it isn't always that easy to notice, but it usually results in dozens of account deletions, and given the pace at which my usermgr.php loads it can be a really long process. I always check the security log for failed login attempts to try and catch multiply used IP's, but it usually doesn't help a lot.

So would it be possible to add a new user's IP to the access log so it would look like this?

Code: [Select]
New user "toto27" from IP xx.xxx.xxx.xx created on August 2, 2006, 7:58 pm
I tried to figure that out by myself by applying whatever would be written in the security log code to the access log, but I was unable to find in what file the code is. If someone could please come up with an idea I'm sure it would help me save a lot of time. I've had to delete about 200 accounts in the last week, so any help will be apreciated.

Thank you!
« Last Edit: August 24, 2006, 04:33:25 pm by Brek »
Logged

eruss

  • Supporter
  • Coppermine frequent poster
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 105
Re: New User IP in Access Log?
« Reply #1 on: August 07, 2006, 06:09:00 am »

Hello,

First of all please forgive me if this has been asked before, but it's hard to search when the main keyword is simply "IP" :-\

I often experience multiple registrations by one single person at my gallery. I require admin validation for new users, but many people don't read anything that's written before or even after their registration, so they don't know that they're supposed to wait until their account is activated by the admin before being able to log in. Therefore many of them simply re-register with different usernames and email addresses again and again, thinking they will gain access to the gallery faster. They're usually easy to recognize, as either the usernames they use are similar to the first one they chose (ie "toto" will re-register as "toto66", then "TOTOBOY", for instance), or the email addys they use are similar. Now obviously, it isn't always that easy to notice, but it usually results in dozens of account deletions, and given the pace at which my usermgr.php loads it can be a really long process. I always check the security log for failed login attempts to try and catch multiply used IP's, but it usually doesn't help a lot.

So would it be possible to add a new user's IP to the access log so it would look like this?

Code: [Select]
New user "toto27" from IP xx.xxx.xxx.xx created on August 2, 2006, 7:58 pm
I tried to figure that out by myself by applying whatever would be written in the security log code to the access log, but I was unable to find in what file the code is. If someone could please come up with an idea I'm sure it would help me save a lot of time. I've had to delete about 200 accounts in the last week, so any help will be apreciated.

Thank you!

Are you trying to:

A.  Prevent people from registering multiple times.
B.  Find a reference for yourself so you can delete the duplicates based on IP addresses?

I would start with A and find a way to communicate with your users that they need to wait for activation.  It's less time for you.  Maybe editing the Terms and Conditions text to have big, bold words explaining this will help you.
Logged

majay

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 33
Re: New User IP in Access Log?
« Reply #2 on: August 07, 2006, 01:11:42 pm »

Hi eruss,

I've done that already. The terms and conditions are cristal clear with important parts in bold, and once people have finished their registration another message appears saying they will have to wait for admin activation. Same thing in the confirmation email that is sent to them. Believe me, some people just don't read. Some might not understand english mind you, but most are from the USA or West European countries. Besides, I have customised all of my registration messages and would be uncapable of translating them into all of Coppermine's language files.

But I am trying to prevent both of what you said, really. The thing is, sometimes IP addresses are the only pieces of data that will let me detect duplicates (I know IPs are dynamic, but when the same IP was recorded twice or more within 15 minutes or so, it has to be the same person).

Like I said, if I knew in what file the code for the Security log was, I'd love to try and work that out for myself and submit a solution here if I find one. I've tried viewlog.php, logs/log_header.inc.php, logger.inc.php, functions.inc.php and init.inc.php, but I found nothing. If someone knows and could tell me where to find the code in the security log that creates this:

Code: [Select]
Failed login attempt with Username: toto06 from IP xxx.xxx.xxx.xxx on Aug 06, 2006 at 10:44 PM
That would help a lot! Thank you!
« Last Edit: August 07, 2006, 01:28:11 pm by Morgane »
Logged
Pages: [1]   Go Up
 

Page created in 0.022 seconds with 20 queries.