Current time: 07-28-2014, 08:16 AM Hello There, Guest! (LoginRegister)


Post Reply 
 
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[For 1.6] MySessions
03-08-2012, 03:22 AM (This post was last modified: 03-09-2012 05:07 PM by Paul H..)
Post: #1
MySessions
MySessions

Description:
With this plugin, users can view all of their account's current sessions and log out any sessions they find suspicious. Admins can view all sessions. Based on the functionality found in Gmail and Deviantart.

The below screenshot shows the usercp?action=mysessions page. The useragent "1'" was made by Nathan as he was testing the plugin for vulnerabilities, of which he found some and I fixed immediately Toungue

IP address links go to *the ip address*.ipaddress.com. If the plugin can, it will display the hostname and location of the IP address.

[Image: gyrd.png]

If there are multiple sessions for the same account, a warning shows up (which can be dismissed)

[Image: gysk.png]

Install:
This plugin adds one database table and edits one template.

Upgrade:
From 1.0 to 1.1: re-upload mysessions.php
From 1.0, 1.1 to 1.2: re-upload mysessions.php, deactivate and reactivate. This is needed to add a new column, uid, to the mysessions_kill table.

Change log:
1.0: Initial release
1.1: Minor bug fixes, and feature Multiple Sessions Alerts added
1.2 Added features:
  • Cancel kill request
  • Search by IP/username
Miscellaneous bug fixes
Fully commented code
[b]1.3:[b] SQLi problem affecting 1.2 fixed

Support:

Support will be given on MyBB Security.

http://www.mybbsecurity.net/topic-mysessions

Download:

Please download from MyBB Security to keep download counts accurate.

http://www.mybbsecurity.net/topic-mysessions

-Paul H.
Please feel free to PM regarding issues within the community, the blog, social media pages, or the public image of MyBB.

Cogisne lingua latina?
Find all posts by this user
Quote this message in a reply
03-08-2012, 03:43 AM
Post: #2
RE: MySessions
Will definetely at-least try it out.

Support PM's will be ignored. Angel
Visit this user's website Find all posts by this user
Quote this message in a reply
03-08-2012, 03:44 AM
Post: #3
RE: MySessions
It's been security audited by Nathan Malcolm so you know it's secure Toungue

-Paul H.
Please feel free to PM regarding issues within the community, the blog, social media pages, or the public image of MyBB.

Cogisne lingua latina?
Find all posts by this user
Quote this message in a reply
03-08-2012, 05:46 AM
Post: #4
RE: MySessions
This user has been denied support. This user has been denied support.
Looks great Paul.

Z5T - Dynamic URL Shortener
My Plugins & Themes
Find all posts by this user
Quote this message in a reply
03-08-2012, 06:30 AM
Post: #5
RE: MySessions
(03-08-2012 03:44 AM)Paul H. Wrote:  It's been security audited by Nathan Malcolm so you know it's secure Toungue
Hahaha

I may put this on my forum in the future. It seems like it could have a benefit for high-powered accounts, as they could stop another session if needed.

Nathan Malcolm Wrote:* Nathan Malcolm likes how Facebook sent him a white page and a "500 OK" response code
* Nathan Malcolm says "No facebook, that is not OK."
Visit this user's website Find all posts by this user
Quote this message in a reply
03-09-2012, 03:42 AM
Post: #6
RE: MySessions
Finally! Somebody who takes security seriously! Installing!

[Image: signature.php?uid=1]
Visit this user's website Find all posts by this user
Quote this message in a reply
03-09-2012, 07:41 PM
Post: #7
RE: MySessions
Updated to 1.3.1.

-Paul H.
Please feel free to PM regarding issues within the community, the blog, social media pages, or the public image of MyBB.

Cogisne lingua latina?
Find all posts by this user
Quote this message in a reply
03-13-2012, 12:33 AM
Post: #8
RE: MySessions
Upgrade instructions?

[Image: signature.php?uid=1]
Visit this user's website Find all posts by this user
Quote this message in a reply
03-13-2012, 12:35 AM
Post: #9
RE: MySessions
(03-08-2012 03:22 AM)Paul H. Wrote:  Upgrade:
From 1.0 to 1.1: re-upload mysessions.php
From 1.0, 1.1 to 1.2, 1.3.x: re-upload mysessions.php, deactivate and reactivate. This is needed to add a new column, uid, to the mysessions_kill table.

-Paul H.
Please feel free to PM regarding issues within the community, the blog, social media pages, or the public image of MyBB.

Cogisne lingua latina?
Find all posts by this user
Quote this message in a reply
03-13-2012, 03:36 AM
Post: #10
RE: MySessions
Can I know how a complex password looks like? I thought my email password was enough complex Confused

Support PM's will be ignored. Angel
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | MyBB | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication