diff options
author | Barak Korren <[email protected]> | 2013-04-01 18:39:57 +0300 |
---|---|---|
committer | Barak Korren <[email protected]> | 2013-04-01 18:39:57 +0300 |
commit | 3f44977129ef0ab3c6233dc94d8c46ca2fa039f0 (patch) | |
tree | 53001b5acd5637666abe9281f880c33376ab0466 /include/sessions.php | |
parent | 32b7a340adb9c1acd209049512c0b5d53ed04276 (diff) | |
parent | c050148df4b81eca3c0e1110b94a649e9b56f9b0 (diff) |
Merge branch 'master' of https://github.com/gothfox/Tiny-Tiny-RSS.git into tunable-fetches
Diffstat (limited to 'include/sessions.php')
-rw-r--r-- | include/sessions.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/sessions.php b/include/sessions.php index 81a5a7383..dd1ca663d 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -3,6 +3,8 @@ require_once "config.php"; require_once "db.php"; + require_once "lib/accept-to-gettext.php"; + require_once "lib/gettext/gettext.inc"; $session_expire = max(SESSION_COOKIE_LIFETIME, 86400); $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; @@ -57,6 +59,9 @@ if ($_SESSION["ref_schema_version"] != session_get_schema_version($link, true)) return false; + if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"]) + return false; + if ($_SESSION["uid"]) { $result = db_query($link, "SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'"); |