[+] sessions.php şişiriyorlar

phpBB güvenliği.

[+] sessions.php şişiriyorlar

İleti EFE03 30.09.2006, 18:52

arkadaslar sessions tablosanı şişiriyorlar...bu yüzden forum çöktü ama hosting firmamız düzeltti..sanırım sürekli sayfayı yeniliyor ve dsdos atıyor...buna engel olabilirmiyim..
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

Cvp: sessions.php şişiriyorlar

İleti KaRiZMa18 01.10.2006, 00:36

Kod: Tümünü seç
Automatic table emptying script

This fix is the first one you should try and nearly always works. Thanks to Ashe for writing it and morpheus2matrix for providing it. Open includes/sessions.php using a text/code editor such as Wordpad, and find the following code (line 152).

include/session.php aç


Code:
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);

Replace this with the following code.

Code:
$error = TRUE;
if (SQL_LAYER == "mysql" || SQL_LAYER == "mysql4")
{
$sql_error = $db->sql_error($result);
if ($sql_error["code"] == 1114)
{
$result = $db->sql_query('SHOW TABLE STATUS LIKE "'.SESSIONS_TABLE.'"');
$row = $db->sql_fetchrow($result);
if ($row["Type"] == "HEAP" || $row["Engine"] == "MEMORY")
{
if ($row["Rows"] > 2500)
{
$delete_order = (SQL_LAYER=="mysql4") ? " ORDER BY session_time ASC" : "";
$db->sql_query("DELETE QUICK FROM ".SESSIONS_TABLE."$delete_order LIMIT 50");
}
else
{
$db->sql_query("ALTER TABLE ".SESSIONS_TABLE." MAX_ROWS=".($row["Rows"]+50));
}
if ($db->sql_query($sql))
{
$error = FALSE;
}
}
}
}
if ($error)
{
message_die(CRITICAL_ERROR, "Error creating new session", "", __LINE__, __FILE__, $sql);
}


Bu Sorununu Görecektir İyi Günler
KariZMa
Kullanıcı avatarı
KaRiZMa18
Üye
Üye
 
İleti: 143
Kayıt: 24.12.2005, 23:11
Konum: Ankara

İleti EFE03 01.10.2006, 08:44

sağol...bu ne gibi saldırıları önlüyor ddos??mu
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

İleti akşamsabah 01.10.2006, 08:55

session tablosununu boşaltır dolduğunda
akşamsabah
Üye
Üye
 
İleti: 143
Kayıt: 06.02.2006, 13:50
Konum: İstanbul

Cvp: sessions.php şişiriyorlar

İleti EFE03 01.10.2006, 18:31

otamatikmi basalıyor
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

İleti akşamsabah 01.10.2006, 19:56

herhalde

Automatic table emptying script
akşamsabah
Üye
Üye
 
İleti: 143
Kayıt: 06.02.2006, 13:50
Konum: İstanbul

İleti Simuzer 01.10.2006, 20:25

2500 satıra ulaştığında, yani 2500 adet session bilgi kaydını aştığında boşaltıyor. Buradaki 2500 değerini değiştirebilirsiniz.
Kullanıcı avatarı
Simuzer
Geliştirme Grubu
Geliştirme Grubu
 
İleti: 669
Kayıt: 09.11.2005, 09:34
Konum: İstanbul

İleti BaRCeLoNa 01.10.2006, 21:13

yararlı bir kod ..
barcelona tema v 1.0 %40 [ l l l l l l l l l ]
http://www.forumuni.com
Kullanıcı avatarı
BaRCeLoNa
Üye
Üye
 
İleti: 271
Kayıt: 16.05.2006, 23:26
Konum: İzmir

Cvp: sessions.php şişiriyorlar

İleti EFE03 02.10.2006, 06:11

forumun çökmemesi için 2500 kaç yapmam gerek 2500 normalmi
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

Cvp: sessions.php şişiriyorlar

İleti

ALEXIS
02.10.2006, 08:47

Bende de bir kaç mod var, şişen session tablosu için:


"Error creating new session" hatası çözümleri ve önlemleri


Bu yazıda kullanılan modlar

Fix Session Error [1.0.1]
Guest Sessions MOD [0.04]
Remove Duplicate Sessions [1.0.0]



İlk mod, dolan session tablosunu siliyor. Peki ne zaman siliyor ? "Error creating new session" hatası yerine ekleniyor kodlar bu da demektir ki, hata oluştuğu an (oluşmayacak artık) siliyor.

Kod: Tümünü seç
##############################################################
## MOD Title: Fix Session Error
## MOD Author: TerraFrost < N/A > (Jim Wigginton) http://www.frostjedi.com/phpbb
## MOD Description: Makes "Error creating new session" errors that much harder to occur.
## MOD Version: 1.0.1
##
## Installation Level: Easy
## Installation Time: 1 Minutes
##
## Files To Edit: 1
##      includes/sessions.php
##############################################################
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://www.phpbb.com/mods/
##############################################################
## Author Notes:
##
##############################################################
## MOD History:
##
##     1.0.1: - fixed a bug whereby logged in users got logged out.
##            - fixed a bug preventing hack from working on boards with prefixes
##              other than phpbb_
##     1.0.0: - initial release
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ OPEN ]------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]------------------------------------------
#
         message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);

#
#-----[ REPLACE WITH ]----------------------------------
#

//-- [+] MOD: Fix Session Error -----------------------------------------
//-- replace
//
//         message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
//
         $sql2 = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_logged_in = 0;";
         if (!$db->sql_query($sql2))
         {
            message_die(CRITICAL_ERROR, 'Error clearing session table', '', __LINE__, __FILE__, $sql2);
         }
         if ( !$db->sql_query($sql) )
         {
            message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
         }
//
//-- [-] MOD: Fix Session Error -----------------------------------------

#
#-----[   SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM



Diğer modumuz ise, misafirler için sid olayını, yani session olayını kaldırıyor, bunu seo için de kullanıyoruz.

Kod: Tümünü seç
#################################################################
## MOD Title: Guest Sessions MOD
## MOD Version: 0.04
## MOD Author: CyberAlien <no@public_email> (Vjacheslav Trushkin) http://www.phpbbstyles.com
## MOD Description:
##      This mod removes session id for guests from url and this way
##      guests who don't have cookies like different robots will use
##      correct urls. It can be used to allow googlebot and other
##      search engines to spider your forum correctly.
##
## Installation Level:   Easy
## Installation Time:   1-2 Minutes
## Files To Edit (1): includes/sessions.php
##############################################################
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://www.phpbb.com/mods/
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################

#
#-----[ OPEN ]---------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]---------------------------------------------
# around line 157
   $sql = "UPDATE " . SESSIONS_TABLE . "
      SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
      WHERE session_id = '" . $session_id . "'
         AND session_ip = '$user_ip'";

#
#-----[ REPLACE WITH ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- replace
//
/*
   $sql = "UPDATE " . SESSIONS_TABLE . "
      SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
      WHERE session_id = '" . $session_id . "'
         AND session_ip = '$user_ip'";
*/
   $sql_ip = $user_id == ANONYMOUS ? " AND session_ip = '$user_ip'" : '';
   $sql = "UPDATE " . SESSIONS_TABLE . "
      SET session_ip = '$user_ip', session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
      WHERE session_id = '" . $session_id . "' $sql_ip
         AND session_user_id = '$user_id'";
//
//-- [-] Guest Sessions ------------------------------------------


#
#-----[ FIND ]---------------------------------------------
# around line 210
   $SID = 'sid=' . $session_id;

#
#-----[ REPLACE WITH ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- replace
//
//   $SID = 'sid=' . $session_id;
//
   $SID = $user_id > 0 ? 'sid=' . $session_id : '';
//
//-- [-] Guest Sessions ------------------------------------------

#
#-----[ FIND ]---------------------------------------------
# around line 288
            $SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';

#
#-----[ REPLACE WITH ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- replace
//
//            $SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';
//
            $SID = $userdata['user_id'] > 0 ? (($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '') : '';
//
//-- [-] Guest Sessions ------------------------------------------


#
#-----[ FIND ]---------------------------------------------
# around line 340
   //
   // If we reach here then no (valid) session exists. So we'll create a new one,
#
#-----[ BEFORE, ADD ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- add
//
   elseif(empty($sessiondata))
   {
      // try to login guest
      $sql = "SELECT u.*, s.*
         FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
         WHERE s.session_ip = '$user_ip'
            AND s.session_user_id = " . ANONYMOUS . "
            AND u.user_id = s.session_user_id
               LIMIT 0, 1";
      if ( !($result = $db->sql_query($sql)) )
      {
         message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
      }

      $userdata = $db->sql_fetchrow($result);

      if ( isset($userdata['user_id']) )
      {
         if ( $current_time - $userdata['session_time'] > 60 )
         {
            $sql = "UPDATE " . SESSIONS_TABLE . "
               SET session_time = $current_time, session_start = $current_time, session_page = 0
               WHERE session_id = '" . $userdata['session_id'] . "'";
            if ( !$db->sql_query($sql) )
            {
               message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
            }
         }
         return $userdata;
      }
   }
//
//-- [-] Guest Sessions ------------------------------------------

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM



Üçüncü modumuz, tekrar eden veya eskimiş sessionları temizliyor, bunun da session tablosu üzerinde yararı var.

Kod: Tümünü seç
##############################################################
## MOD Title: Remove Duplicate Sessions
## MOD Author: nurhendra < N/A > (Nur Hendra) N/A
## MOD Description: To remove duplicate/old sessions from the same user.
## MOD Version: 1.0.0
##
## Installation Level: Easy
## Installation Time: ~1 Minutes
## Files To Edit: includes/sessions.php
## Included Files: n/a
##############################################################
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://www.phpbb.com/mods/
##############################################################
## Author Notes: This MOD will remove duplicate/old sessions when a
##               user is logging in to increase security (i.e. last
##               session info when logged from Browser/PC #1 will be
##               removed when user is logging in from Browser/PC #2).
##
##############################################################
## MOD History:
##
##   2005-03-27 - Version 1.0.0
##      - Initial release
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################

#
#-----[ OPEN ]------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]------------------------------------------
#
   //
   // Create or update the session
   //

#
#-----[ AFTER, ADD ]------------------------------------------
#
//-- [+] Remove Duplicate Sessions -------------------------------
//-- add
//
   $sql = "DELETE FROM " . SESSIONS_TABLE .
      " WHERE session_user_id = " . $user_id .
      " AND session_id <> '" . $session_id ."'";
   if ( !$db->sql_query($sql) )
   {
      message_die(GENERAL_ERROR, 'Error in removing duplicate sessions', '', __LINE__, __FILE__, $sql);
   }
//
//-- [-] Remove Duplicate Sessions -------------------------------


#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
Kullanıcı avatarı
ALEXIS
Site Yöneticisi
Site Yöneticisi
 
İleti: 2563
Kayıt: 30.06.2005, 09:08

Cvp: [+] sessions.php şişiriyorlar

İleti EFE03 02.10.2006, 14:44

sayın,elixis çok tsk ediyorum oldu...adam ayın 27 sinde foruma index atmaya çalışmıs sanırım..bende phpbb sectury ve tracker(4.8 sürüm) var...tracker yakalamıs saldırıyı...foruma zarar verme şansı varmı?elimden gelen bütün güvenlikleri kurdum burdaki

1 ve 3 modu uyguladım


tsk ediyorum



ilginizden dolayı tsk ederim
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

İleti

ALEXIS
02.10.2006, 22:28

bu modlar güvenlikten çok "Error creating new session" hatasını gidermek amaçlı
Kullanıcı avatarı
ALEXIS
Site Yöneticisi
Site Yöneticisi
 
İleti: 2563
Kayıt: 30.06.2005, 09:08

Cvp: [+] sessions.php şişiriyorlar

İleti EFE03 03.10.2006, 14:29

tskler bir gün girerken o hatayı aldım host firmamıza söyledim. sessions.php tablosunu şişirmisler..yani flood gibi bisiy yapmıslar sanırsak...bunlara engel olur ins..


tsk ediyorum güvenlik için baska modül varmı?

not;trackre ve phpbb sectury kurulu
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

Cvp: [+] sessions.php şişiriyorlar

İleti ismaildirgi 03.10.2006, 20:37

ben bu verdiğiniz kodları nereye koyacam biri yazarmı acaba bende yeniyim yeni başladım phpBB ye
ismaildirgi
Üye
Üye
 
İleti: 3
Kayıt: 03.10.2006, 20:30

Re: [+] sessions.php şişiriyorlar

İleti EFE03 14.07.2007, 13:21

teşekkürler
EFE03
Üye
Üye
 
İleti: 302
Kayıt: 09.06.2006, 07:37

Re: Cvp: sessions.php şişiriyorlar

İleti RoyaLTurK 08.11.2007, 14:58

ALEXIS yazdı:Bende de bir kaç mod var, şişen session tablosu için:


"Error creating new session" hatası çözümleri ve önlemleri


Bu yazıda kullanılan modlar

Fix Session Error [1.0.1]
Guest Sessions MOD [0.04]
Remove Duplicate Sessions [1.0.0]



İlk mod, dolan session tablosunu siliyor. Peki ne zaman siliyor ? "Error creating new session" hatası yerine ekleniyor kodlar bu da demektir ki, hata oluştuğu an (oluşmayacak artık) siliyor.

Kod: Tümünü seç
##############################################################
## MOD Title: Fix Session Error
## MOD Author: TerraFrost < N/A > (Jim Wigginton) http://www.frostjedi.com/phpbb
## MOD Description: Makes "Error creating new session" errors that much harder to occur.
## MOD Version: 1.0.1
##
## Installation Level: Easy
## Installation Time: 1 Minutes
##
## Files To Edit: 1
##      includes/sessions.php
##############################################################
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://www.phpbb.com/mods/
##############################################################
## Author Notes:
##
##############################################################
## MOD History:
##
##     1.0.1: - fixed a bug whereby logged in users got logged out.
##            - fixed a bug preventing hack from working on boards with prefixes
##              other than phpbb_
##     1.0.0: - initial release
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ OPEN ]------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]------------------------------------------
#
         message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);

#
#-----[ REPLACE WITH ]----------------------------------
#

//-- [+] MOD: Fix Session Error -----------------------------------------
//-- replace
//
//         message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
//
         $sql2 = "DELETE FROM " . SESSIONS_TABLE . " WHERE session_logged_in = 0;";
         if (!$db->sql_query($sql2))
         {
            message_die(CRITICAL_ERROR, 'Error clearing session table', '', __LINE__, __FILE__, $sql2);
         }
         if ( !$db->sql_query($sql) )
         {
            message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
         }
//
//-- [-] MOD: Fix Session Error -----------------------------------------

#
#-----[   SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM



Diğer modumuz ise, misafirler için sid olayını, yani session olayını kaldırıyor, bunu seo için de kullanıyoruz.

Kod: Tümünü seç
#################################################################
## MOD Title: Guest Sessions MOD
## MOD Version: 0.04
## MOD Author: CyberAlien <no@public_email> (Vjacheslav Trushkin) http://www.phpbbstyles.com
## MOD Description:
##      This mod removes session id for guests from url and this way
##      guests who don't have cookies like different robots will use
##      correct urls. It can be used to allow googlebot and other
##      search engines to spider your forum correctly.
##
## Installation Level:   Easy
## Installation Time:   1-2 Minutes
## Files To Edit (1): includes/sessions.php
##############################################################
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://www.phpbb.com/mods/
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################

#
#-----[ OPEN ]---------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]---------------------------------------------
# around line 157
   $sql = "UPDATE " . SESSIONS_TABLE . "
      SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
      WHERE session_id = '" . $session_id . "'
         AND session_ip = '$user_ip'";

#
#-----[ REPLACE WITH ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- replace
//
/*
   $sql = "UPDATE " . SESSIONS_TABLE . "
      SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
      WHERE session_id = '" . $session_id . "'
         AND session_ip = '$user_ip'";
*/
   $sql_ip = $user_id == ANONYMOUS ? " AND session_ip = '$user_ip'" : '';
   $sql = "UPDATE " . SESSIONS_TABLE . "
      SET session_ip = '$user_ip', session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
      WHERE session_id = '" . $session_id . "' $sql_ip
         AND session_user_id = '$user_id'";
//
//-- [-] Guest Sessions ------------------------------------------


#
#-----[ FIND ]---------------------------------------------
# around line 210
   $SID = 'sid=' . $session_id;

#
#-----[ REPLACE WITH ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- replace
//
//   $SID = 'sid=' . $session_id;
//
   $SID = $user_id > 0 ? 'sid=' . $session_id : '';
//
//-- [-] Guest Sessions ------------------------------------------

#
#-----[ FIND ]---------------------------------------------
# around line 288
            $SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';

#
#-----[ REPLACE WITH ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- replace
//
//            $SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';
//
            $SID = $userdata['user_id'] > 0 ? (($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '') : '';
//
//-- [-] Guest Sessions ------------------------------------------


#
#-----[ FIND ]---------------------------------------------
# around line 340
   //
   // If we reach here then no (valid) session exists. So we'll create a new one,
#
#-----[ BEFORE, ADD ]---------------------------------------
#
//-- [+] Guest Sessions ------------------------------------------
//-- add
//
   elseif(empty($sessiondata))
   {
      // try to login guest
      $sql = "SELECT u.*, s.*
         FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
         WHERE s.session_ip = '$user_ip'
            AND s.session_user_id = " . ANONYMOUS . "
            AND u.user_id = s.session_user_id
               LIMIT 0, 1";
      if ( !($result = $db->sql_query($sql)) )
      {
         message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
      }

      $userdata = $db->sql_fetchrow($result);

      if ( isset($userdata['user_id']) )
      {
         if ( $current_time - $userdata['session_time'] > 60 )
         {
            $sql = "UPDATE " . SESSIONS_TABLE . "
               SET session_time = $current_time, session_start = $current_time, session_page = 0
               WHERE session_id = '" . $userdata['session_id'] . "'";
            if ( !$db->sql_query($sql) )
            {
               message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
            }
         }
         return $userdata;
      }
   }
//
//-- [-] Guest Sessions ------------------------------------------

#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM



Üçüncü modumuz, tekrar eden veya eskimiş sessionları temizliyor, bunun da session tablosu üzerinde yararı var.

Kod: Tümünü seç
##############################################################
## MOD Title: Remove Duplicate Sessions
## MOD Author: nurhendra < N/A > (Nur Hendra) N/A
## MOD Description: To remove duplicate/old sessions from the same user.
## MOD Version: 1.0.0
##
## Installation Level: Easy
## Installation Time: ~1 Minutes
## Files To Edit: includes/sessions.php
## Included Files: n/a
##############################################################
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: http://www.phpbb.com/mods/
##############################################################
## Author Notes: This MOD will remove duplicate/old sessions when a
##               user is logging in to increase security (i.e. last
##               session info when logged from Browser/PC #1 will be
##               removed when user is logging in from Browser/PC #2).
##
##############################################################
## MOD History:
##
##   2005-03-27 - Version 1.0.0
##      - Initial release
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################

#
#-----[ OPEN ]------------------------------------------
#
includes/sessions.php

#
#-----[ FIND ]------------------------------------------
#
   //
   // Create or update the session
   //

#
#-----[ AFTER, ADD ]------------------------------------------
#
//-- [+] Remove Duplicate Sessions -------------------------------
//-- add
//
   $sql = "DELETE FROM " . SESSIONS_TABLE .
      " WHERE session_user_id = " . $user_id .
      " AND session_id <> '" . $session_id ."'";
   if ( !$db->sql_query($sql) )
   {
      message_die(GENERAL_ERROR, 'Error in removing duplicate sessions', '', __LINE__, __FILE__, $sql);
   }
//
//-- [-] Remove Duplicate Sessions -------------------------------


#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM



sayın ALEXIS bu üçünüde kurabilir miyiz, sakıncası var mı
Kullanıcı avatarı
RoyaLTurK
Üye
Üye
 
İleti: 32
Kayıt: 11.04.2007, 23:05
Konum: İzmir

Re: [+] sessions.php şişiriyorlar

İleti cemoka 14.11.2007, 20:01

3. mod kurulduğunda: Anti Robotic Registration Flood ve Advanced Visual Confirmation modları çalışmıyor. Özellikle Anti Robotic Registration Flood modundaki problem yeni kullanıcı kaydını engelliyor.
cemoka
Üye
Üye
 
İleti: 6
Kayıt: 16.12.2005, 14:44


Güvenlik



Kimler çevrimiçi

Bu forumu görüntüleyenler: Kayıtlı kullanıcı yok ve 0 misafir

cron