05-05-2014, 12:16 PM,
(This post was last modified: 05-05-2014, 12:42 PM by kelo.)
|
|
kelo
Member
|
Posts: 25
Threads: 14
Joined: May 2013
|
|
IP Logging..
Hi.. i am adding IP Logging into my weberp
include/UserLogin.php
I added login_log table on database
Code: CREATE TABLE IF NOT EXISTS `login_log` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user` varchar(50) NOT NULL,
`ip` varchar(50) NOT NULL,
`referer` varchar(150) NOT NULL,
`agent` varchar(150) NOT NULL,
`date` varchar(35) NOT NULL,
`status` varchar(10) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;
and insert script in include/UserLogin.php after this line of code
Code: } else {
$_SESSION['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax']; // default comes from config.php
}
Code: // start logging..
$IP = $_SERVER["REMOTE_ADDR"];
$DATE = date('r');
$REFER = $_SERVER["HTTP_REFERER"];
$AGENT = $_SERVER["HTTP_USER_AGENT"];
$LOGIN_STATUS = "Logged In";
$sqllog ="INSERT INTO login_log(user,ip,referer,agent,date,status) VALUES('". $Name ."','". $IP . "','". $REFER . "','".$AGENT."','".$DATE."','" . $LOGIN_STATUS . "')";
$Log_Result = DB_query($sqllog, $db);
// end of loging..
Please give comment..
|
|
05-05-2014, 02:33 PM,
|
|
Exsonqu_Qu
Senior Member
|
Posts: 411
Threads: 5
Joined: Jan 2012
|
|
RE: IP Logging..
[undefined=undefined]Hi, Kelo,[/undefined]
It's nice.
Is it necessary to record the $_SESSION ID, and check the user's account login status? Then if the account has logged in, then we kick out the previous logged in account to improve the security? And it will be great to know who is on line for administrator sometime.
Best regards!
Exson
(05-05-2014, 12:16 PM)kelo Wrote: Hi.. i am adding IP Logging into my weberp
include/UserLogin.php
I added login_log table on database
Code: CREATE TABLE IF NOT EXISTS `login_log` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user` varchar(50) NOT NULL,
`ip` varchar(50) NOT NULL,
`referer` varchar(150) NOT NULL,
`agent` varchar(150) NOT NULL,
`date` varchar(35) NOT NULL,
`status` varchar(10) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;
and insert script in include/UserLogin.php after this line of code
Code: } else {
$_SESSION['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax']; // default comes from config.php
}
Code: // start logging..
$IP = $_SERVER["REMOTE_ADDR"];
$DATE = date('r');
$REFER = $_SERVER["HTTP_REFERER"];
$AGENT = $_SERVER["HTTP_USER_AGENT"];
$LOGIN_STATUS = "Logged In";
$sqllog ="INSERT INTO login_log(user,ip,referer,agent,date,status) VALUES('". $Name ."','". $IP . "','". $REFER . "','".$AGENT."','".$DATE."','" . $LOGIN_STATUS . "')";
$Log_Result = DB_query($sqllog, $db);
// end of loging..
Please give comment..
|
|
05-06-2014, 12:04 PM,
|
|
kelo
Member
|
Posts: 25
Threads: 14
Joined: May 2013
|
|
RE: IP Logging..
i think it is necessary to add function to kick previous login account to make sure theres only 1 account is logged in for an account..
any idea how to know if someone is still logged in or have been idle or even have closed their internet browser?
|
|
05-07-2014, 07:21 PM,
|
|
serakfalcon
Senior Member
|
Posts: 62
Threads: 11
Joined: Feb 2014
|
|
RE: IP Logging..
(05-06-2014, 12:04 PM)kelo Wrote: i think it is necessary to add function to kick previous login account to make sure theres only 1 account is logged in for an account..
any idea how to know if someone is still logged in or have been idle or even have closed their internet browser?
All the $_Session data is stored in a text file that can be accessed by PHP, so technically you can find all this out by accessing that file. session_save_path() should give you where the files are stored. You could use that to find sessions. You shouldn't restrict users to only 1 session/login however, maybe 1 session/login per IP is better. You can't know if they are idle or have closed their internet browser without some AJAX, and even then it's not guaranteed to work.
Quote:Is it necessary to record the $_SESSION ID, and check the user's account login status? Then if the account has logged in, then we kick out the previous logged in account to improve the security?
it's not necessary to record the session id, that just opens up doors for problems. How do you tell the difference between a 'previous log in' and multiple tabs?
|
|
07-14-2017, 05:17 PM,
|
|
snehapinky
Member
|
Posts: 1
Threads: 0
Joined: Jul 2017
|
|
RE: IP Logging..
Comment IP Logging can be enabled on the Privacy tab of the My Account Settings page using the "IP address log" option. You can choose
|
|
|