Hal9000 suggested this. It's a simple modification to detect users with more than one login. As each new login is detected a PM will be sent to all administrators with information on the multiple identity users.
Update: Cookie uses configured expiration time and does not expire in 24 hours. Also, there is no on the number of identities tracked per user. As each new identity is used it is reported.
File's attached.
Happy Hunting. It's open season.
UPDATED: 4-15-03 by JoshPet - Added a step to expire the cookies for Admins. Otherwise, even though the cookie isn't set if you are an Admin, you get one when you use the "become this user feature". So as soon as you become 2 users... you start getting "Multiple Identity Detected" PMs out the ying yang. This update will prevent that. Hope JustDave doesn't mind me updating his code.
As long as they don't clear their cookies the PM's will stop. If there is no cookie one is set with the current user number. Even if you log out this cookie will remain. If they log back in under a new user the new number is added to the cookie and a PM is sent. Now that the cookie has two numbers stored it will take a 3rd new number for it to send another PM.
I'm not sure which would be better for an ignore feature. Something from the configure file in the admin area where user numbers could be stored or to create a whole new field in the user's table and set a flag value to ignore the users with the field set.
Dave in order to limit the number of pm's everytime that recognise a multiple identity, is there any other way to report this? I was thinking of a page or a text file where all the multiple identities will be writen
>From: **DONOTDELETE** >I seem to have multiple personalities using ID numbers 1234 and 1 >sharing the same computer.
How can it happen that some user could login as User #1 DONOTDELETE
Is this a bug in the hack's code or is there a user using some sort of side entrance to threads nobody was aware of yet? - By the way: I have deleted only 2 users. I am pretty sure this one was not amongst them.
[]coy7 said: I've installed this and it works -- I just found out that two sisters who post on my board must share a computer.
Now that I know this -- and get reminded everytime one of them logs on -- is there any way to exclude member numbers from this check? [/] I admin on coy's board.... so the repeated duplicate PMs from the sisters were bugging me. They must toss their cookies. So I tweaked this a bit.
So..... Here's how you can ignore certain user numbers:
In the original double identity detection code....
Then go into your config file.... at the very bottom and put this variable into the extra/unknown variable section.
$config['allowed_dupes'] = '14,17,13';
Between the quotes... put "allowed" duplicate user numbers. Separate them with a comma. What this does... if the user number matches a number on this list, it skips the Private Message send out.
Now if a user on the list has more identities than the what you list, you won't get notified. It basically ignores this user and it's assumed that they are allowed unlimited duplicates.
I think the sisters in question login to the board from school, and that's why they share a computer which also dumps cookies on a regular basis. I'm noticing this issue quite a bit with the number of college kids on my board.
This fix will really come in handy. There's nothing more disappointing than having a new PM then discovering it's just a "duplicate ID notification"
I must admit, this is the best hack I have installed in my threads so far. Damn, the Idea of having total control and knowing who is using what turns me on. Thanks JustDave, what can I say, you are a genious
I just tried this on 6.1.1 but it does not work. It generates the following error:
Fatal error: Call to undefined function: get_input() in /export/data1/users2/board/public_html/ubbt.inc.php on line 229
Any suggestions on how I can get this to work on 6.1.1 ? This would really be helpful on my board since I get the occasional dickhead signing up with a new ID just to flame someone (we have a very strict rule on flaming, you get warned once... if you are lucky).
"Try taking the get_input lines out of the cookies script. Those are unneeded (and that function didn't exist) in 6.1.x" Thanks. Will give it a shot tonight when I get back home.
Hmmm, one of my mods created a new account, used it, then logged back in using his real account, but I did not receive any PM. He assures me that he did not mess around with his cookies.
Does one need to check the 'Remember me' box in order for this to work?
this is a great script... you will receive a pm with the usernumbers but as they are clickable and take you to that users profile there is no real need to make it go by username
I like the idea of the username included with the usernumbers, would make tracking stuff down friendlier. I also received a message today from user number 1 which I already had in the list, but didn't have the second number.
Under the impression I wouldn't get the messages if one of the numbers was listed... hmm
Anyway the list of exclude numbers has greatly decreased the messages I been getting on multiple identities.
UPDATED: 4-15-03 by JoshPet - Added a step to expire the cookies for Admins. Otherwise, even though the cookie isn't set if you are an Admin, you get one when you use the "become this user feature". So as soon as you become 2 users... you start getting "Multiple Identity Detected" PMs out the ying yang. This update will prevent that. Hope JustDave doesn't mind me updating his code.
If you already have this installed, add this above the Multiple Identity Detector Code:
Sorry -- I forget that you get those PMs as well. I hate it when users post in the wrong thread, but have no option other than to manually move their post to the proper thread (I supposed I could delete the post... depends on what sort of mood I'm in). Anyway, I've been doing lots of "login as user" lately to move posts around.
One way to avoid triggering the mutiple identity check when you become another user is to use JustDave's My Cookie utility to clear your Threads cookie before you log back in as yourself.
The My Cookies utility will be in the next version of Threads (6.3).
I made a small change in the code in order not to receive pm but every multiple identity to be writen in a file I was getting tired reading,deleting pm's and I think this is a better solution for a busy board.
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.