• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

AAC ZNOTE MAX 10 ACCOUNT IP

N

neravia

Member
Joined
May 25, 2022
Messages
75
Reaction score
14
Hello.
Znote have option with check IP?
I need system who check IP and agree create only 5/10 accounts, no more. This is possible?
 
Sort by date Sort by votes
Boy67 said:
IP can be easily spoofed, so no point.
Click to expand...
It can be spoofed, but with some limits. Newbie attacker won't get more than 50.000 IPs, which gives 500k accounts in database. Without limits, single IP can make billion accounts and make database use all SSD space or at least lock all popular accounts names forcing players to use other account names.
neravia said:
Hello.
Znote have option with check IP?
I need system who check IP and agree create only 5/10 accounts, no more. This is possible?
Click to expand...
Above:
github.com

ZnoteAAC/register.php at master · Znote/ZnoteAAC

Developement repository for the Znote AAC project. A website portal to represent and manage your Open Tibia server. - Znote/ZnoteAAC
github.com github.com
Add:
PHP: 
$createdAccountsData = mysql_select_single("SELECT COUNT(`ip`) AS `value` FROM `znote_accounts` WHERE `created` >= " . (time() - 86400) . " AND `ip` = " . getIPLong());
$createdAccounts = ($createdAccountsData !== false) ? $createdAccountsData['value'] : 0;
if ($createdAccounts >= 10) {
    $errors[] = 'You cannot create more than 10 account within 24 hours.';
}
 
Upvote 1 Downvote
Gesior.pl said:
It can be spoofed, but with some limits. Newbie attacker won't get more than 50.000 IPs, which gives 500k accounts in database. Without limits, single IP can make billion accounts and make database use all SSD space or at least lock all popular accounts names forcing players to use other account names.

Above:
github.com

ZnoteAAC/register.php at master · Znote/ZnoteAAC

Developement repository for the Znote AAC project. A website portal to represent and manage your Open Tibia server. - Znote/ZnoteAAC
github.com github.com
Add:
PHP: 
$createdAccountsData = mysql_select_single("SELECT COUNT(`ip`) AS `value` FROM `znote_accounts` WHERE `created` >= " . (time() - 86400) . " AND `ip` = " . getIPLong());
$createdAccounts = ($createdAccountsData !== false) ? $createdAccountsData['value'] : 0;
if ($createdAccounts >= 10) {
    $errors[] = 'You cannot create more than 10 account within 24 hours.';
}
Click to expand...
For Gesior 2012 we have something similar?
 
Upvote 0 Downvote
potinho said:
For Gesior 2012 we have something similar?
Click to expand...
Under:
github.com

Gesior2012/pages/createaccount.php at master · gesior/Gesior2012

Gesior 2012 - Account Maker [website] for OTSes, account maker you can find in BRANCHES. Select 'branch'. - gesior/Gesior2012
github.com github.com
Add:
PHP: 
if (empty($reg_form_errors)) {
    $visitorIp = (int)Visitor::getIP();
    $createdAccountsData = $SQL->query('SELECT COUNT(1) AS value FROM `accounts` WHERE `creation` >= ' . (time() - 86400) . ' AND `create_ip` = ' . $visitorIp)->fetch();
    $createdAccounts = ($createdAccountsData !== false) ? $createdAccountsData['value'] : 0;
    if ($createdAccounts >= 10) {
        $reg_form_errors[] = 'You cannot create more than 10 accounts within 24 hours.';
    }
}

CloudFlare NOTE:
If you are using CloudFlare.com, users may access your site using IPv6, even, if your VPS/dedicated server allows only IPv4 connections.
Gesior2012/Znote does not support IPv6 and all IPv6 users will be counted as single IP (as 0.0.0.0), so after 10 accounts created by IPv6 users, it will block all others.
You cannot switch off 'IPv6 support' in Cloudflare panel on website. Here is instruction how to disable it using CloudFlare API:
mediarealm.com.au

Disabling IPv6 on Cloudflare - Media Realm

Find out how to disable IPv6 access on your Cloudflare website, even if the dashboard won't allow you. Helpful if you have a legacy app without IPv6 support
mediarealm.com.au mediarealm.com.au
 
Upvote 0 Downvote
Gesior.pl said:
Under:
github.com

Gesior2012/pages/createaccount.php at master · gesior/Gesior2012

Gesior 2012 - Account Maker [website] for OTSes, account maker you can find in BRANCHES. Select 'branch'. - gesior/Gesior2012
github.com github.com
Add:
PHP: 
if (empty($reg_form_errors)) {
    $visitorIp = (int)Visitor::getIP();
    $createdAccountsData = $SQL->query('SELECT COUNT(1) AS value FROM `accounts` WHERE `creation` >= ' . (time() - 86400) . ' AND `create_ip` = ' . $visitorIp)->fetch();
    $createdAccounts = ($createdAccountsData !== false) ? $createdAccountsData['value'] : 0;
    if ($createdAccounts >= 10) {
        $reg_form_errors[] = 'You cannot create more than 10 accounts within 24 hours.';
    }
}

CloudFlare NOTE:
If you are using CloudFlare.com, users may access your site using IPv6, even, if your VPS/dedicated server allows only IPv4 connections.
Gesior2012/Znote does not support IPv6 and all IPv6 users will be counted as single IP (as 0.0.0.0), so after 10 accounts created by IPv6 users, it will block all others.
You cannot switch off 'IPv6 support' in Cloudflare panel on website. Here is instruction how to disable it using CloudFlare API:
mediarealm.com.au

Disabling IPv6 on Cloudflare - Media Realm

Find out how to disable IPv6 access on your Cloudflare website, even if the dashboard won't allow you. Helpful if you have a legacy app without IPv6 support
mediarealm.com.au mediarealm.com.au
Click to expand...
Got error when try to create account after this change:

[Wed Jun 22 08:14:45.078367 2022] [php7:error] [pid 15584] PHP Fatal error: Uncaught Error: Call to a member function fetch() on boolean in /var/www/html/pages/createaccount.php:276\nStack trace:\n#0 /var/www/html/system/load.page.php(7): include()\n#1 /var/www/html/index.php(42): include_once('/var/www/html/s...')\n#2 {main}\n thrown in /var/www/html/pages/createaccount.php on line 276
 
Upvote 0 Downvote
potinho said:
Got error when try to create account after this change:

[Wed Jun 22 08:14:45.078367 2022] [php7:error] [pid 15584] PHP Fatal error: Uncaught Error: Call to a member function fetch() on boolean in /var/www/html/pages/createaccount.php:276\nStack trace:\n#0 /var/www/html/system/load.page.php(7): include()\n#1 /var/www/html/index.php(42): include_once('/var/www/html/s...')\n#2 {main}\n thrown in /var/www/html/pages/createaccount.php on line 276
Click to expand...
Looks like your database is not compatible. Post what columns you have in accounts table.
 
Upvote 0 Downvote
In code from my post above replace creation with create_date or created.
I don't know in which column your acc. maker stores date of account creation.
 
Upvote 1 Downvote
Back
Top