1
geist3
troll tracking and banning
  • 2005/4/14 17:18

  • geist3

  • Just popping in

  • Posts: 4

  • Since: 2005/2/1 1


I tried to make things harder for a troll I have. I had made a fourth group called banned which had no priviliges and put them in there and removed them from registered users group. I was guessing deleting them would enable them to register again with the same email address. IP blocking wasnt working as they were on dialup. So they continued.

So I made this code to help, it is inserted in checklogin.php in the includes directory, my code is between the slash lines, whats above and below is to guide you as to where to place it.
You need to set the variables at the top.
You need to create a fourth group to put banned people in.
the code creates the specified table if it doesnt exist.
To ban a user add them to group 4.
When they log in, this code will stop login and present a blank page. It also records their username, cleartext password, ip address and sets a cookie, all these attributes now indicate a ban. They can't use anonymous proxy because of the cookie, if they try from another computer and try their old ID that computer becomes banned to, if they clear the cookies, then the ip is still used to identify. If they register a new user on a computer with the ban cookie on, that new user becomes banned, if they know another users password and try to log in with that then that user becomes banned. There are ways around it but it's the best i could think of.
heres the code, if anyone could make a module or suggest an enhancement or offer any feedback that would be appreciated.
Just create a fourth group, set the top variables, and bung the code into checklogin.php. If there was a way, i'd attatch the whole file. If you ban yourself, delete the table and clear your cookies and login with a user not in the banned group. Do not bad admin user! I am not responsible for anything caused by this code, use it at your own risk.
-->Code


redirect_header(XOOPS_URL.'/index.php', 1, _NOPERM);
exit();
}
}

//////////////////////////////////////////////////////////////
$dbserver="localhost";

//set me
$dbusername="";
$dbpassword="";
$dbdatabase="";

$dbtable="passes";
$banned=false;
$connected=false;

//gets ip address
if (getenv(HTTP_X_FORWARDED_FOR)) {
$ip=getenv(HTTP_X_FORWARDED_FOR);
}
else if (getenv(HTTP_CLIENT_IP)) {
$ip=getenv(HTTP_CLIENT_IP);
}
else {
$ip=getenv(REMOTE_ADDR);
}

//connects to DB
if (!$dbh=mysql_connect($dbserver,$dbusername,$dbpassword)) {
print("Failed to connect to MySQL Server: " . mysql_error() . "");
}
else {
//select database
if (!$err=mysql_select_db($dbdatabase)) {
print("
Failed to select db:" . $dbdatabase . " " . mysql_error() . "");
}
else {
//check for table existence
$sql = "select id,uname,pass,vpass,email,ip,datetime,banned from " . $dbtable;
if(!$result=mysql_query($sql)){
$sql = "create table ".$dbtable."(id int not null auto_increment primary key," .
"uname varchar(20),pass varchar(20),vpass varchar(20),email varchar(20)," .
"ip varchar(20), datetime varchar(20),banned varchar(20))";
if(!$result=mysql_query($sql)) {
print("
Error! " . mysql_error() . "
");
print("
Query:" . $sql . "
");
}
}

//check if user is in group 4
foreach ($user->getGroups() as $group) {
//1 webmaster 2 registered 3 anon 4 added as ban
if ($group==4) {
$banned=true;
}
}
if($banned==false) {
//check for ban cookie
if(isset($_COOKIE["ccqrrt"])){
$banned=true;
} else {
//check for banned username
$sql='select * from '.$dbtable.' where uname="'.$uname.'" and banned="yes"';
$result=mysql_query($sql);
if(!$result=mysql_query($sql)){
print("
Error! " . mysql_error() . "
");
print("
Query:" . $sql . "
");
}
$rownum= mysql_num_rows($result);
if($rownum>0){
$banned=true;
} else {
//check for banned ip
$sql='select * from '.$dbtable.' where ip="'.$ip.'" and banned="yes"';
if(!$result=mysql_query($sql)){
print("
Error! " . mysql_error() . "
");
print("
Query:" . $sql . "
");
}
$rownum= mysql_num_rows($result);
if($rownum>0){
$banned=true;
}
}
}
}
}
}


//if indication of banned user set cookie, record ip etc
if($banned==true){
setcookie("ccqrrt", "r", time()+60*60*24*31*12*100);
$datetime=date("d,m,y h:i:s");
$sql='insert into ' . $dbtable . ' (uname, pass, ip, datetime, banned)' .
'values ("'.$uname.'","'.$pass.'","'.$ip.'","'.$datetime.'", "yes")';
if(!$result=mysql_query($sql)){
print("
Error! " . mysql_error() . "
");
print("
Query:" . $sql . "
");
}
die();
}
//////////////////////////////////////////////////////////////


$user->setVar('last_login', time());
if (!$member_handler->insertUser($user)) {

2
neverpsyked
Re: troll tracking and banning
  • 2005/4/14 19:07

  • neverpsyked

  • Just popping in

  • Posts: 1

  • Since: 2005/4/14


[size=x-small]This is exactly what I need (to block my insane father, of all things), but I'm not prepared to deploy it on a production site sight unseen. Has it been stable so far?

Also, how does it deal with NAT and PAT masked IP's (e.g. the user is behind a Netgear wireless AP that uses NAT)?
[/size]

3
geist3
Re: troll tracking and banning
  • 2005/4/14 19:35

  • geist3

  • Just popping in

  • Posts: 4

  • Since: 2005/2/1 1


It is kinda hard for you to test without a spare copy of xoops. I have tested it allot and I have it running on a live website. I'd reccomend just backing up your checklogin.php and figuring out a way of checking on the table created using phpmyadmin or something. Then adding this.
If a user behind a NAT device is banned then when they log on all users behind the NAT device would be banned as it would be the NATs IP that is stored. Then other people, as they log on from behind the NAT device would be added to the ban list. If you want to stop this then comment out the ip checking lines, then it will still work for the single machine of the banned user as it will use the cookie and username for detection.
You can try on my test server
http://eltophi.com/xoops/
Create a user, you should be able to log in fine. Then log in as test4 password test4 who is banned, then you should not be able to log in again as anything from that computer, or if you do anything to give yourself away on another computer (like try a banned name).

4
stuie200
Re: troll tracking and banning
  • 2005/11/18 10:41

  • stuie200

  • Friend of XOOPS

  • Posts: 161

  • Since: 2004/1/4 2


I just wanted to leave a message saying thank you very much for this hack.

I have had this hack running on my site for a few months now and it has definatly done the trick for which it was designed.

I had some major problems with some kids at a school logging onto my site and trying their best to kill the community spirit but using this hack i could kill their access to the site and since then i have not heard a peep from them

Thanks again for some great coding.

P.S. Just for refernece if anybody else wants to try this i ran it on XOOPS 2.0.10 through to 2.0.13.2 without any problems at all
"I'm as confused as a baby in a topless bar."

5
bluenova
Re: troll tracking and banning

ohhhhh, I missed this one in April. Really nice hack, have you submitted it as a feature request?

Login

Who's Online

353 user(s) are online (249 user(s) are browsing Support Forums)


Members: 0


Guests: 353


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits