Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
IP Logging..
05-05-2014, 12:16 PM, (This post was last modified: 05-05-2014, 12:42 PM by kelo.)
#1
IP Logging..
Hi.. i am adding IP Logging into my weberp

include/UserLogin.php

I added login_log table on database

Code:
CREATE TABLE IF NOT EXISTS `login_log` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user` varchar(50) NOT NULL,
  `ip` varchar(50) NOT NULL,
  `referer` varchar(150) NOT NULL,
  `agent` varchar(150) NOT NULL,
  `date` varchar(35) NOT NULL,
  `status` varchar(10) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;

and insert script in include/UserLogin.php after this line of code
Code:
            } else {
                $_SESSION['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax'];  // default comes from config.php
            }


Code:
// start logging..

        $IP = $_SERVER["REMOTE_ADDR"];
        $DATE = date('r');
        $REFER = $_SERVER["HTTP_REFERER"];
        $AGENT = $_SERVER["HTTP_USER_AGENT"];
        $LOGIN_STATUS = "Logged In";
        
        $sqllog ="INSERT INTO login_log(user,ip,referer,agent,date,status) VALUES('". $Name ."','". $IP . "','". $REFER . "','".$AGENT."','".$DATE."','" . $LOGIN_STATUS . "')";
        $Log_Result = DB_query($sqllog, $db);
// end of loging..

Please give comment..
Reply
05-05-2014, 02:33 PM,
#2
RE: IP Logging..
[undefined=undefined]Hi, Kelo,[/undefined]

It's nice.

Is it necessary to record the $_SESSION ID, and check the user's account login status? Then if the account has logged in, then we kick out the previous logged in account to improve the security? And it will be great to know who is on line for administrator sometime.

Best regards!

Exson

(05-05-2014, 12:16 PM)kelo Wrote: Hi.. i am adding IP Logging into my weberp

include/UserLogin.php

I added login_log table on database

Code:
CREATE TABLE IF NOT EXISTS `login_log` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user` varchar(50) NOT NULL,
  `ip` varchar(50) NOT NULL,
  `referer` varchar(150) NOT NULL,
  `agent` varchar(150) NOT NULL,
  `date` varchar(35) NOT NULL,
  `status` varchar(10) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;

and insert script in include/UserLogin.php after this line of code
Code:
            } else {
                $_SESSION['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax'];  // default comes from config.php
            }


Code:
// start logging..

        $IP = $_SERVER["REMOTE_ADDR"];
        $DATE = date('r');
        $REFER = $_SERVER["HTTP_REFERER"];
        $AGENT = $_SERVER["HTTP_USER_AGENT"];
        $LOGIN_STATUS = "Logged In";
        
        $sqllog ="INSERT INTO login_log(user,ip,referer,agent,date,status) VALUES('". $Name ."','". $IP . "','". $REFER . "','".$AGENT."','".$DATE."','" . $LOGIN_STATUS . "')";
        $Log_Result = DB_query($sqllog, $db);
// end of loging..

Please give comment..

Reply
05-06-2014, 12:04 PM,
#3
RE: IP Logging..
i think it is necessary to add function to kick previous login account to make sure theres only 1 account is logged in for an account..
any idea how to know if someone is still logged in or have been idle or even have closed their internet browser?
Reply
05-07-2014, 07:21 PM,
#4
RE: IP Logging..
(05-06-2014, 12:04 PM)kelo Wrote: i think it is necessary to add function to kick previous login account to make sure theres only 1 account is logged in for an account..
any idea how to know if someone is still logged in or have been idle or even have closed their internet browser?

All the $_Session data is stored in a text file that can be accessed by PHP, so technically you can find all this out by accessing that file. session_save_path() should give you where the files are stored. You could use that to find sessions. You shouldn't restrict users to only 1 session/login however, maybe 1 session/login per IP is better. You can't know if they are idle or have closed their internet browser without some AJAX, and even then it's not guaranteed to work.

Quote:Is it necessary to record the $_SESSION ID, and check the user's account login status? Then if the account has logged in, then we kick out the previous logged in account to improve the security?

it's not necessary to record the session id, that just opens up doors for problems. How do you tell the difference between a 'previous log in' and multiple tabs?
Reply
07-14-2017, 05:17 PM,
#5
RE: IP Logging..
Comment IP Logging can be enabled on the Privacy tab of the My Account Settings page using the "IP address log" option. You can choose
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)