[phpBB Debug] PHP Warning: in file [ROOT]/feed.php on line 173: Cannot modify header information - headers already sent by (output started at [ROOT]/feed.php:1)
[phpBB Debug] PHP Warning: in file [ROOT]/feed.php on line 174: Cannot modify header information - headers already sent by (output started at [ROOT]/feed.php:1)
[phpBB Debug] PHP Warning: in file [ROOT]/feed.php on line 180: Cannot modify header information - headers already sent by (output started at [ROOT]/feed.php:1)
IntegraMOD Home of phpBB Integrated Modifications 2006-07-07T11:07:52-07:00 https://integramod.com/forum/feed.php?f=17&t=1422 2006-07-07T11:07:52-07:00 2006-07-07T11:07:52-07:00 https://integramod.com/forum/viewtopic.php?t=1422&p=11183#p11183 <![CDATA[Can I prevent multiple logins using the same username?]]> http://phpbbhacks.com/download/449

Statistics: Posted Author: MrGrim — Fri Jul 07, 2006 11:07 am

]]> 2006-07-01T22:48:06-07:00 2006-07-01T22:48:06-07:00 https://integramod.com/forum/viewtopic.php?t=1422&p=10693#p10693 <![CDATA[Re: Can I prevent multiple logins using the same username?]]>
"Vadar";p="10687" wrote:
Hi,

I can see where you are going with the primary logon location ID mod. That makes a lot of sense.

I guess I was looking at it from a slightly different angle. I was wondering if it might be possible to capture the fact that a particular user was logged on and, if so, actively prevent a second log on using that same username/password combination.

For example, right now I can log on to this portal and then go to the computer next to me and log on a second time. Wouldn't it make sense that once the software "sees" that you are logged in, it could be set up to prevent any other attempt to log on using that same username/password combination for as long as the first instance is active?

The solution you are looking at takes it a step farther, but I can see how it would require a significant modification. Although what I described above wouldn't be quite as effective, it might be easier to create. What do you think?


I agree.

The answer to your particular scenario lies somewhere in the phpbb_sessions table and how the data is queried. I'm just not altogether sure where its queried from, and how the bits are manipulated. Once I figure that part out.. then yeah.. it sounds like it would be a relatively easy modification.

Statistics: Posted Author: computerskillz — Sat Jul 01, 2006 10:48 pm

]]> 2006-07-01T20:18:08-07:00 2006-07-01T20:18:08-07:00 https://integramod.com/forum/viewtopic.php?t=1422&p=10687#p10687 <![CDATA[Re: Can I prevent multiple logins using the same username?]]>
I can see where you are going with the primary logon location ID mod. That makes a lot of sense.

I guess I was looking at it from a slightly different angle. I was wondering if it might be possible to capture the fact that a particular user was logged on and, if so, actively prevent a second log on using that same username/password combination.

For example, right now I can log on to this portal and then go to the computer next to me and log on a second time. Wouldn't it make sense that once the software "sees" that you are logged in, it could be set up to prevent any other attempt to log on using that same username/password combination for as long as the first instance is active?

The solution you are looking at takes it a step farther, but I can see how it would require a significant modification. Although what I described above wouldn't be quite as effective, it might be easier to create. What do you think?

Statistics: Posted Author: Vadar — Sat Jul 01, 2006 8:18 pm

]]> 2006-07-01T19:57:36-07:00 2006-07-01T19:57:36-07:00 https://integramod.com/forum/viewtopic.php?t=1422&p=10684#p10684 <![CDATA[Can I prevent multiple logins using the same username?]]>
Something I doubt has been thought of.

I was thinking about a modification that asks a user if this will be their primary logon location (the computer they're logging in from, a.k.a a Computer Account) and then set the IP of that computer as the "main" IP for that user. A user can also configure one or more computer accounts: one for home, one for work, one for the library, etc)

Such that if the user logs on from another computer other than the main "computer account" IP, the user is then prompted for their security answer.

This prevents user accounts from being compromised by unauthorized users who may have access to a user account but not located at one of the configured "Computer Accounts" of the user. The admin can set the # of allowable "Computer Accounts" per user or per site. Logons from the second computer account will block logon attempts from the other computer accounts and so on and so on.

And to prevent authorized users from passing along their security credentials to other users, such as by selling a paid-subscription account, the modification can allow access from only one computer account at a time per logon. So that the same logon account can't be loged on from two different computers at the same time and/or within a configurable time frame.

etc

I think this would definitely help in the event of a user passing along paid priviledges and possibly making money by purchasing one paid account and then selling it to multiple people, as well as prevent potential hacks of one or more accounts.

VERY good question! I'll post this as a mod request on phpBB to see if maybe somebody will work on it.

Statistics: Posted Author: computerskillz — Sat Jul 01, 2006 7:57 pm

]]> 2006-06-30T17:49:36-07:00 2006-06-30T17:49:36-07:00 https://integramod.com/forum/viewtopic.php?t=1422&p=10614#p10614 <![CDATA[Can I prevent multiple logins using the same username?]]>
Thanks!

Statistics: Posted Author: Vadar — Fri Jun 30, 2006 5:49 pm

]]>