Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
IP Logging..
05-05-2014, 12:16 PM (This post was last modified: 05-05-2014 12:42 PM by kelo.)
Post: #1
IP Logging..
Hi.. i am adding IP Logging into my weberp

include/UserLogin.php

I added login_log table on database

Code:
CREATE TABLE IF NOT EXISTS `login_log` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user` varchar(50) NOT NULL,
  `ip` varchar(50) NOT NULL,
  `referer` varchar(150) NOT NULL,
  `agent` varchar(150) NOT NULL,
  `date` varchar(35) NOT NULL,
  `status` varchar(10) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;

and insert script in include/UserLogin.php after this line of code
Code:
            } else {
                $_SESSION['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax'];  // default comes from config.php
            }


Code:
// start logging..

        $IP = $_SERVER["REMOTE_ADDR"];
        $DATE = date('r');
        $REFER = $_SERVER["HTTP_REFERER"];
        $AGENT = $_SERVER["HTTP_USER_AGENT"];
        $LOGIN_STATUS = "Logged In";
        
        $sqllog ="INSERT INTO login_log(user,ip,referer,agent,date,status) VALUES('". $Name ."','". $IP . "','". $REFER . "','".$AGENT."','".$DATE."','" . $LOGIN_STATUS . "')";
        $Log_Result = DB_query($sqllog, $db);
// end of loging..

Please give comment..
Find all posts by this user
Quote this message in a reply
05-05-2014, 02:33 PM
Post: #2
RE: IP Logging..
[undefined=undefined]Hi, Kelo,[/undefined]

It's nice.

Is it necessary to record the $_SESSION ID, and check the user's account login status? Then if the account has logged in, then we kick out the previous logged in account to improve the security? And it will be great to know who is on line for administrator sometime.

Best regards!

Exson

(05-05-2014 12:16 PM)kelo Wrote:  Hi.. i am adding IP Logging into my weberp

include/UserLogin.php

I added login_log table on database

Code:
CREATE TABLE IF NOT EXISTS `login_log` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user` varchar(50) NOT NULL,
  `ip` varchar(50) NOT NULL,
  `referer` varchar(150) NOT NULL,
  `agent` varchar(150) NOT NULL,
  `date` varchar(35) NOT NULL,
  `status` varchar(10) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0 ;

and insert script in include/UserLogin.php after this line of code
Code:
            } else {
                $_SESSION['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax'];  // default comes from config.php
            }


Code:
// start logging..

        $IP = $_SERVER["REMOTE_ADDR"];
        $DATE = date('r');
        $REFER = $_SERVER["HTTP_REFERER"];
        $AGENT = $_SERVER["HTTP_USER_AGENT"];
        $LOGIN_STATUS = "Logged In";
        
        $sqllog ="INSERT INTO login_log(user,ip,referer,agent,date,status) VALUES('". $Name ."','". $IP . "','". $REFER . "','".$AGENT."','".$DATE."','" . $LOGIN_STATUS . "')";
        $Log_Result = DB_query($sqllog, $db);
// end of loging..

Please give comment..
Find all posts by this user
Quote this message in a reply
05-06-2014, 12:04 PM
Post: #3
RE: IP Logging..
i think it is necessary to add function to kick previous login account to make sure theres only 1 account is logged in for an account..
any idea how to know if someone is still logged in or have been idle or even have closed their internet browser?
Find all posts by this user
Quote this message in a reply
05-07-2014, 07:21 PM
Post: #4
RE: IP Logging..
(05-06-2014 12:04 PM)kelo Wrote:  i think it is necessary to add function to kick previous login account to make sure theres only 1 account is logged in for an account..
any idea how to know if someone is still logged in or have been idle or even have closed their internet browser?

All the $_Session data is stored in a text file that can be accessed by PHP, so technically you can find all this out by accessing that file. session_save_path() should give you where the files are stored. You could use that to find sessions. You shouldn't restrict users to only 1 session/login however, maybe 1 session/login per IP is better. You can't know if they are idle or have closed their internet browser without some AJAX, and even then it's not guaranteed to work.

Quote:Is it necessary to record the $_SESSION ID, and check the user's account login status? Then if the account has logged in, then we kick out the previous logged in account to improve the security?

it's not necessary to record the session id, that just opens up doors for problems. How do you tell the difference between a 'previous log in' and multiple tabs?
Find all posts by this user
Quote this message in a reply
07-14-2017, 05:17 PM
Post: #5
RE: IP Logging..
Comment IP Logging can be enabled on the Privacy tab of the My Account Settings page using the "IP address log" option. You can choose
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)