Signup using referral check for duplicate IP (Page 1) - Extensions and Mods

1 Topic by misulicus 2011-10-04 17:26:16

misulicus
Professional member
Offline

From: Romania
Registered: 2009-05-10
Posts: 460

Topic: Signup using referral check for duplicate IP

This change will compare the IP of the user who will sign up now with the IP of the user who sent the invitation (using his IP from signing up time)
If ip is the same, the referal wont count, if not it will work as normally

Code is below.
Used latest vldP 2.7 version
Inside lib.account_register.php find:

if ($PREFS->conf['enable_referals'] && isset($_COOKIE['ref']) && is_numeric($_COOKIE['ref']))

and ending with the last

    }
    else
        $refid = 0;

And replace it with the following:

    //------------------------------------------------
    // Get referal id
    //------------------------------------------------
    if ($PREFS->conf['enable_referals'] && isset($_COOKIE['ref']) && is_numeric($_COOKIE['ref']))
    {
        $refid = intval($_COOKIE['ref']);


        //------------------------------------------------
        // Get referal
        //------------------------------------------------
        $result = $DB->query("SELECT group_id, totalreferrals, ipaddress FROM " . DB_PREFIX . "members WHERE member_id='$refid' LIMIT 1");


        //------------------------------------------------
        // Check if resultset contains any rows
        //------------------------------------------------
        if ($DB->num_rows($result))
        {
            //------------------------------------------------
            // Fetch resultset
            //------------------------------------------------
            $obj = $DB->fetch_object($result);

            //------------------------------------------------
            // Check for same IP adress
            //------------------------------------------------
            if ( isset($_SERVER["REMOTE_ADDR"]) )    { 
                $ip=$_SERVER["REMOTE_ADDR"]; 
            } else if ( isset($_SERVER["HTTP_X_FORWARDED_FOR"]) )    { 
                $ip=$_SERVER["HTTP_X_FORWARDED_FOR"]; 
            } else if ( isset($_SERVER["HTTP_CLIENT_IP"]) )    { 
                $ip=$_SERVER["HTTP_CLIENT_IP"]; 
            }
            if($ip != $obj->ipaddress)
            {
                //------------------------------------------------
                // Check if member can refer members
                //------------------------------------------------
                if ($PREFS->get_permissions($obj->group_id, 'can_refer_members'))
                {
                    //------------------------------------------------
                    // Update referal's counter
                    //------------------------------------------------
                    $DB->query("UPDATE " . DB_PREFIX . "members SET totalreferrals=totalreferrals+1 WHERE member_id='$refid' LIMIT 1");
                    $obj->totalreferrals++;


                    //------------------------------------------------
                    // Check if referal upgrades are enabled
                    //------------------------------------------------
                    if ($PREFS->conf['referals_upgrade_members'] && $PREFS->get_permissions($obj->group_id, 'can_refer_upgrades'))
                    {
                        //------------------------------------------------
                        // Check if upgrade is required
                        //------------------------------------------------
                        if ( $obj->totalreferrals && ($obj->totalreferrals % $PREFS->conf['referals_upgrade_members']) == 0)
                        {
                            //------------------------------------------------
                            // Update member's group
                            //------------------------------------------------
                            set_membership_term($refid, 0, $PREFS->conf['referals_member_group'], 'day', $PREFS->conf['referals_upgrade_length']);
                        }
                    }


                    //------------------------------------------------
                    // Delete cookie
                    //------------------------------------------------
                    @setcookie("ref", "", time()-60, "/");
                }
                else
                    $refid = 0;
            }
            else
                $refid = 0;
        }
        else
            $refid = 0;
    }
    else
        $refid = 0;

Script Installs | Site Transfers | vldPersonals Mods
Url Shortening Service

2 Reply by dragon 2011-10-04 22:06:35

dragon
Power member
Offline

From: Bangkok
Registered: 2006-02-22
Posts: 1,330

Re: Signup using referral check for duplicate IP

There is a big risk in denying IPs in that way. Many people still use internet cafes, so referals could have the same IP. In my country thousands of users share IP numbers across a range which can change on a regular basis - I live in a compound of about 100 homes and we all share the same IP. Not every computer has a fixed IP.

Last edited by dragon (2011-10-04 22:09:36)

dragon's Website

3 Reply by definitive 2011-10-07 11:20:23

definitive
Junior member
Offline

From: Ottawa
Registered: 2009-01-26
Posts: 95

Re: Signup using referral check for duplicate IP

It sounds like a decent solution but can still be easily defeated by simply using a proxy

Forum

Signup using referral check for duplicate IP

Posts [ 3 ]

1 Topic by misulicus 2011-10-04 17:26:16

Topic: Signup using referral check for duplicate IP

2 Reply by dragon 2011-10-04 22:06:35

Re: Signup using referral check for duplicate IP

3 Reply by definitive 2011-10-07 11:20:23

Re: Signup using referral check for duplicate IP

Posts [ 3 ]