Zubrag.com
December 14, 2018, 06:30:59 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: Is It Possible to Track Logins  (Read 10782 times)
sundial2k
Newbie
*
Posts: 13


« on: June 05, 2010, 11:44:05 AM »

Hi - Password Protect works perfectly.  I'm wondering if there is a way to track the logins - like how many times a specific user went to the site?

Thanks,
John

Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #1 on: June 07, 2010, 03:09:59 AM »

Such thing should be tracked using database.

But if log file of login date/IP/username is enough, then

find this code
setcookie("verify", md5($login.'%'.$pass), $timeout, '/');

and insert following code before it
$f = @fopen('logins.log', 'a+');
if ($f) {
  @fputs($f, date("m.d.Y g:ia").'  IP='.$_SERVER['REMOTE_ADDR'].'  Username='.$login."\n");
  @fclose($f);
}


It will append to log file each time user logs in
Logged
sundial2k
Newbie
*
Posts: 13


« Reply #2 on: June 07, 2010, 05:37:29 AM »

Thanks - what/where is the log file that it's appending?
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #3 on: June 07, 2010, 06:06:24 AM »

$f = @fopen('logins.log', 'a+');

log filename gets set in this line, highlighted. Specify path from the root (i.e. absolute path) to make sure it gets saved where you need it, like /path/from/root/mylog.txt
Logged
sundial2k
Newbie
*
Posts: 13


« Reply #4 on: June 07, 2010, 06:18:27 AM »

Thanks!!!  Here's my last question... I'm not requiring a username, just a password.  Can I collect the passwords in the log?
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #5 on: June 07, 2010, 06:31:28 AM »

yes, replace $login with $pass in following line and it will store passwords instead of logins
@fputs($f, date("m.d.Y g:ia").'  IP='.$_SERVER['REMOTE_ADDR'].'  Username='.$login."\n");
Logged
sundial2k
Newbie
*
Posts: 13


« Reply #6 on: June 07, 2010, 09:55:08 AM »

Thanks again for your replies (a donation was made Smiley)

I thought I was done but I have one more question. 

I'm using Password Protect for limiting access to a private shopping site.  I am running into an issue when people go to checkout on the secure (SSL) part of my site, that they are asked for the password again.  Is there a way of preventing this 2nd password request?  I'm using this on a Joomla website, so I think EVERY page is the same index.html page.

Thanks,
John
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #7 on: June 07, 2010, 01:32:43 PM »

John,

i did not have a chance to try it on https, but from what you say it looks like a cookie issue (cookie somehow lost). Could you provide me with exact url of where user login and sample https url which is not working (send private message for security)?

and thank you for donation Smiley
Logged
sundial2k
Newbie
*
Posts: 13


« Reply #8 on: June 07, 2010, 01:41:25 PM »

Hi - the site is: http://egallery.kinkadeevents.com (j2010 is a password to get in).  

Once you are in, choose a category, add something to the cart and then begin the checkout process and you'll see what I'm referring to.

You can use the username Test with P/W test123 if the cart asks for a login.

Thanks a lot!
John
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #9 on: June 07, 2010, 01:54:38 PM »

I think the problem is as follows. User login on http://egallery.kinkadeevents.com, so your browser sets a cookie for this domain. When you checkout - it redirects to https://secure.bluehost.com which is a different domain (causing cookie loss).
Is it somehow possible to perform checkout on https://egallery.kinkadeevents.com ?
Logged
sundial2k
Newbie
*
Posts: 13


« Reply #10 on: June 07, 2010, 01:59:38 PM »

I'm working on that with my client, but don't think the address will end up being https://egallery.kinkadeevents.com.  The hosting company he's using (Bluehost) has their system configured to only give the primary domain the SSL prefix, so in this case I think the checkout might look more like https://www.kinkadeevents.com/egallery. 

Do you think that will that cause the same issue?
Logged
zubrag
Administrator
Hero Member
*****
Posts: 788


WWW
« Reply #11 on: June 07, 2010, 03:39:31 PM »

i think this one should work fine
Logged
Kimball342
Newbie
*
Posts: 11


« Reply #12 on: August 12, 2010, 03:29:47 AM »

couple of weeks ago social networking site FACEBOOK introduce this type of activity but its not work there properly, i don't how it is possible to see person whose visiting your profile or site.
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC