How to organize access to your personal account by ip in Opencart?

T

tchernout2017-11-01 14:42:59

opencart

tchernout, 2017-11-01 14:42:59

Good day!
Guys, tell me the solution to the issue, and is it really possible to do this:
After registering a user, he can enter his personal account, but with the condition that his ip address at the time of registration is the same as the ip at the moment.
Just don't ask why

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

Z

zoozag, 2017-11-01
@zoozag

ip is already in the database, so the matter is small.
As far as I understand, this code
\catalog\controller\account\login.php is responsible for logging in
It sends email and password. Pass also ip
The login/password verification method itself in system\library\customer.php
Add another argument to the function, $ip
And replace

$customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape($password) . "'))))) OR password = '" . $this->db->escape(md5($password)) . "') AND status = '1' AND approved = '1'");

On the

$customer_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "' AND (password = SHA1(CONCAT(salt, SHA1(CONCAT(salt, SHA1('" . $this->db->escape($password) . "'))))) OR password = '" . $this->db->escape(md5($password)) . "') AND status = '1' AND approved = '1' AND ip = '". $ip ."'");