2013-08-20, 03:36 PM
Hi Nathan Malcolm could you help me please I am trying to restrict login to Administrator and Moderator groups, so that they will only be able to login with the IP address they have created their account or registered.
Can you please check this code for possible security issues, and if it will actually work? I know you helped develop MyBB so you are one of few people that can say if this code is a go or nogo!
This code has been suggested by Cedric
functions_user.php
member.php
X and Y is where I put group ID
Can you please check this code for possible security issues, and if it will actually work? I know you helped develop MyBB so you are one of few people that can say if this code is a go or nogo!
This code has been suggested by Cedric
functions_user.php
// REGIP = new param
$query = $db->simple_select("users", "uid,username,password,salt,loginkey,usergroup,regip", "uid='".intval($uid)."'", array('limit' => 1));
$user = $db->fetch_array($query);
}
if(!$user['salt'])
{
member.php
elseif($user['usergroup'] == X || $user['usergroup'] == Y)
{
$currentip = $_SERVER['REMOTE_ADDR'];
if ($currentip != $user['regip'])
{
$errors[] = "Cannot log you in!";
}
}
X and Y is where I put group ID