make SESSION_CHECK_ADDRESS work on generic sessions

author: Andrew Dolgov <[email protected]> 2006-03-04 14:30:50 +0100
committer: Andrew Dolgov <[email protected]> 2006-03-04 14:30:50 +0100
commit: 916f788a94f19fde62a5f2bf481d9b6f6b91198c (patch)
tree: 4fab1d9c6501e9d4b6f67ee7d3d8e1d9efd1f501 /functions.php
parent: ff6519f8545d919189fed83bcc4faa4c55e48082 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/functions.php b/functions.php
index acbc3d31e..931774cfd 100644
--- a/functions.php
+++ b/functions.php
@@ -754,6 +754,7 @@
 			$user_theme = get_user_theme_path($link);
 
 			$_SESSION["theme"] = $user_theme;
+			$_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
 
 			initialize_user_prefs($link, $_SESSION["uid"]);
 
@@ -828,9 +829,28 @@
 		return $redirect_uri;
 	}
 
+	function validate_session($link) {
+		if (SESSION_CHECK_ADDRESS && !DATABASE_BACKED_SESSIONS && $_SESSION["uid"]) {
+			if ($_SESSION["ip_address"]) {
+				if ($_SESSION["ip_address"] != $_SERVER["REMOTE_ADDR"]) {
+					return false;
+				}
+			}
+		}
+		return true;
+	}
+
 	function login_sequence($link) {
 		if (!SINGLE_USER_MODE) {
 
+			if (!validate_session($link)) {
+				logout_user();
+				$redirect_uri = get_login_redirect();
+				$return_to = preg_replace('/.*?\//', '', $_SERVER["REQUEST_URI"]);
+				header("Location: $redirect_uri?rt=$return_to");
+				exit;
+			}
+
 			if (!USE_HTTP_AUTH) {
 				if (!$_SESSION["uid"]) {
 					$redirect_uri = get_login_redirect();
author	Andrew Dolgov <[email protected]>	2006-03-04 14:30:50 +0100
committer	Andrew Dolgov <[email protected]>	2006-03-04 14:30:50 +0100
commit	916f788a94f19fde62a5f2bf481d9b6f6b91198c (patch)
tree	4fab1d9c6501e9d4b6f67ee7d3d8e1d9efd1f501 /functions.php
parent	ff6519f8545d919189fed83bcc4faa4c55e48082 (diff)