change behaviour of SESSION_CHECK_ADDRESS

author: Andrew Dolgov <[email protected]> 2010-11-26 12:31:01 +0300
committer: Andrew Dolgov <[email protected]> 2010-11-26 12:31:01 +0300
commit: 0f41fce845757e0d986be0c00f290ef1da7dc1e1 (patch)
tree: 42a2ddb5868fb0e9292492c002d7e9dc6369bfe7 /config.php-dist
parent: 64e411abf4a59b0af319fdf8e07d9fb58097e810 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/config.php-dist b/config.php-dist
index 824b843c7..f3045f70e 100644
--- a/config.php-dist
+++ b/config.php-dist
@@ -49,8 +49,12 @@
 	// configurations. Doesn't seem to work for everyone, so enable with caution.
 	// tt-rss uses default PHP session storing mechanism if disabled.
 
-	define('SESSION_CHECK_ADDRESS', true);
-	// Bind session to client IP address (recommended)
+	define('SESSION_CHECK_ADDRESS', 1);
+	// Check client IP address when validating session:
+	// 0 - disable checking
+	// 1 - check first 3 octets of an address (recommended)
+	// 2 - check first 2 octets of an address
+	// 3 - check entire address
 
 	define('SESSION_COOKIE_LIFETIME', 0);
 	// Default lifetime of a session (e.g. login) cookie. In seconds,
author	Andrew Dolgov <[email protected]>	2010-11-26 12:31:01 +0300
committer	Andrew Dolgov <[email protected]>	2010-11-26 12:31:01 +0300
commit	0f41fce845757e0d986be0c00f290ef1da7dc1e1 (patch)
tree	42a2ddb5868fb0e9292492c002d7e9dc6369bfe7 /config.php-dist
parent	64e411abf4a59b0af319fdf8e07d9fb58097e810 (diff)