Hey guys.
So I was wondering.
There is a password logger for vbulletin
http://www.waraxe.us/ftopict-2487.html
And an IPB password logger at:
http://www.waraxe.us/ftopict-2579.html
Does anyone know how a I can setup a username, password and email logger for MyBB forums when they register or login.
And then logs it to a logfile?
Thanks if anyone can help identify how to do this.
Its mainly to detect multiple accounts that use the same password. Or to prevent spam emails being used. The board will however warn users that they will be logged.
Yes its easy. If you want a paid version, just send me a PM.
Can't even begin to explain what a terrible idea this is. All someone has to do is get access to your server and they've got a nice list of people's passwords. You realise you can ban email addresses in the ACP to stop spam addresses, and what makes you think two accounts with the same password have been made by the same person?? Using IPs is far more accurate and MyBB already does that. I know I'd never even think about joining your forum knowing this was done.
@MattRogowski
I will ensure that an htaccess file is present to prevent any bots of hackers from accessing a web directory containing the log file. The logging of details will be temporary and i'll eventually delete the logfile once in a while to make space for new ones. If the password is qwerty or something then thats different, but if its a unique one then you can tell multiple accounts where an ip address couldn't because of the availability of vpns and proxys. Its going to be a small forum mainly intended to provide downloads to people so to prevent fake accounts trying to spam or get a free download.
@ghazal
A paid version of mybb? or a paid modification?
And what about if your server gets hacked??
I edited my previous reply...
Check back.
It will be a temporary logging.
May i suggest that you send the registration informations with an email directly to the admin instead! This way nothing easy to read will reside on the server...
I could also create such a plugin quite easily, but i won't because anyone could use this without telling their members that their password have been logged in cleartext, this would be quite immoral and unrespectfull of the privacy and security of forums members...
People have to understand that there is many others that still use the same passwords for other applications...
@ MattR_ : The logger will be inside the ACP and NOT in the root folder to allow all users to see the logs :s
@ OP : I will make you a plugin to logs your users each and every thing inside your Admin Control Panel and NOT in plain-text. I sent you a PM.
ammm this is really simple (i thing) ammm you only need add an new imput to the register and login form