Jump to content
MakeWebGames

[mccode] stop same ip transfers

mikrows

By mikrows
in Free Modifications

 Share

Recommended Posts

Zero-Affect Newbie

Zero-Affect

Posted
Posted

Re: [mccode] stop same ip transfers

if you do that then why need staff lol

i mean add a filter to all inputs (not using header) from cuss words

stop ip xfers...

patch all exploits

and you have a game which runs itself lol

bocco Newbie

bocco

Posted
Posted

Re: [mccode] stop same ip transfers

i understand that all this security in multi transfers makes it unnecessary for staff, but there is so much more still to look over

Zero-Affect Newbie

Zero-Affect

Posted
Posted

Re: [mccode] stop same ip transfers

yeah there are more aspects to look at but basically doing this your inviting them to learn how to make multi's via proxies

i think the statistic maybe wrong but 25% of RPG users know what a proxy is

10% know how to exploit

Guest Anonymous

Guest Anonymous

Posted
Posted

Re: [mccode] stop same ip transfers

Problems:

REMOTE_ADDR can contain a comma separated list of IP(v4) AND IP(v6) addresses.

REMOTE_ADDR on it's own (or linked with X_HTTP_FORWARDED_FOR) is insufficent for accurate IP detection.

Neither mechanisms will cope with rotating proxies - like AOL.

Solutions:

There are a couple, one is very good, but a lot more complex requiring work in multiple languages. The other can be done reasonably well in PHP.

  • 2 years later...
Andrewelli Newbie

Andrewelli

Posted
Posted

to stop same ip tranfers for items use this in itemsend.php sorry just noticed someone asked for it any never posted the anwser

$_GET['user'] = abs((int) $_GET['user']);

$check=$db->query("select userid, lastip_login FROM users where userid ={$_GET['user']}");

$r=$db->fetch_row($check);

if($ir['lastip_login'] == $r['lastip_login'])

{

die("No same ip transfers allowed");

}

BmFx-KiNgZz Newbie

BmFx-KiNgZz

Posted
Posted

fair play i just started so u prob do this

$_GET['user'] = abs((int) $_GET['user']);

$check=$db->query("select userid, lastip_login FROM users where userid ='.$_GET['user'].'");

$r=$db->fetch_row($check);

if($ir['lastip_login'] == $r['lastip_login'])

{

echo "No same ip transfers allowed";

}

Djkanna Apprentice

Djkanna

Posted
Posted

The above wouldn't function correctly, rather the query wouldn't, the post above the other would work (though BmFx is correct die() sucks (or evil if you'd like)).

Anyway to the point, you cannot check the validity of an IP address, that's the problem, anonymity of the web.

Djkanna Apprentice

Djkanna

Posted
Posted
it is fully tested Djkanna and it worked 100% for me

Yours works yes, BmFx's query is likely to fail.

"'.$var.'" doesn't work as expected.

However checking IP address' is a poor inadequate and ineffective way of tracking a user.

You blacklist my IP, two minutes later I'm back and running (I'd have to get up to restart the router).

And then there is proxies which well is for another time.

As I said before, that's the 'anonymity of the web'.

:)

rulerofzu Newbie

rulerofzu

Posted
Posted

There is no real way to stop this. Ever scenario has a solution.

Player makes account A

Player makes account B using a proxy or free online proxy or simply uses another IP assigned from their router (country dependant quite rife in USA i believe)

So makes them both a legit account.

You only solution is to watch the logs. From my experience legit players hate it with a passion and will quite happily spot multi accounts and report them in for you to look at.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...