AwakenedLands Forums

Full Version: Multiple IP Signup Prevention
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Dragon

In order to stop people from signing up for another account with the same IP, why not just add a piece of code like this to the signup page...

$ip = $_SERVER['REMOTE_ADDR'];
$query = mysql_query("SELECT * FROM `User` WHERE Signup IP='$ip'");
$rows = mysql_num_rows($query);
if($rows<0){
normal code...
}else{
echo"I'm sorry, but the IP ($ip) has already been used.";
}

Then, once that the people that haven't signed up have signed up for an account, then just use a query to insert their IP in to the table, so that if they try to signup again, they won't be able to.

It just doesn't make sense to allow people to signup again on the same IP, when you could just simply stop them from doing so. That would probably save Zenith some time checking the database for multiple IP addresses and while doing this, also allowing Zenith to use that saved time for more on the development on this game.

LuparKoor

aye, but in some situations there are multiple people using the same ip address, due to working within a network. There are a couple people in my office that are playing via the same ip address, we just let Zenith know and she ok'd it. Most of us have made donations to the game, and if such a code would have been in place then those people never would have been able to play, and that bit of money wouldnt have been donated to help the game out. Also keep in mind, if this game gets more popular, it could be that you go to log in at your school or workplace and you instantly get your account blocked since someone else had once started an account at that same ip... better to just keep an eye out for abuse than to completely shoot yourself in the foot by preventing would-be donars
Dragon Wrote:In order to stop people from signing up for another account with the same IP, why not just add a piece of code like this to the signup page...

$ip = $_SERVER['REMOTE_ADDR'];
$query = mysql_query("SELECT * FROM `User` WHERE Signup IP='$ip'");
$rows = mysql_num_rows($query);
if($rows<0){
normal code...
}else{
echo"I'm sorry, but the IP ($ip) has already been used.";
}

Then, once that the people that haven't signed up have signed up for an account, then just use a query to insert their IP in to the table, so that if they try to signup again, they won't be able to.

It just doesn't make sense to allow people to signup again on the same IP, when you could just simply stop them from doing so. That would probably save Zenith some time checking the database for multiple IP addresses and while doing this, also allowing Zenith to use that saved time for more on the development on this game.

First off Dragon, I appreciate the input. I'm glad you are involved enough with our community to try and help.

What LuparKoor says is pretty much how we look at the situation. If we didn't allow people to sign-up from an IP address more than once, we'd be missing some quality players. Many of our players are real-life friends, and play from work.

While I'd love to prevent cheaters from signing up, that's a perfect world. I'd rather miss a few cheaters than miss some quality players signing up. Usually the cheaters get caught over time.

Most cheaters I catch nowadays are using multiple IPs. I agree with you Dragon, I'd rather spend more time developing than sniffing out cheaters, but since these types of games are so popular there will be cheaters jumping from game to game trying to outwit the code.

Unlike most of the games out there, we actually survive well with minimal staff thanks to some coding efforts by myself and Err. We track every IP a player uses since creation, and it's getting easier to find the bad apples.

As for the code you posted, that would actually result in no one ever being able to sign-up since the else clause would always be true. $rows would always be zero or greater. You'd probably want something like the following:
Code:
if ( $rows > 0 ){
     echo "I'm sorry, but the IP ($ip) has already been used.";
} else {
     normal code...
}

If you have any ideas on where we could use a current or formerly used IP check to prevent game mechanics from being exploited, I am all ears. There are several areas this is used that most players have no idea about since it never affects them.

Dragon

How about a piece of code that prevents a person from signing up again, for a certain amount of time on the same IP address? Or, how about limiting the number of signups on a single IP to around about 7-10? If the IP is really needed again for signup, then you can get in contact with Zenith or some thing.

:oops:
Reference URL's