summaryrefslogtreecommitdiff
path: root/include/sessions.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/sessions.php')
-rw-r--r--include/sessions.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/include/sessions.php b/include/sessions.php
index 81a5a7383..dd1ca663d 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -3,6 +3,8 @@
require_once "config.php";
require_once "db.php";
+ require_once "lib/accept-to-gettext.php";
+ require_once "lib/gettext/gettext.inc";
$session_expire = max(SESSION_COOKIE_LIFETIME, 86400);
$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
@@ -57,6 +59,9 @@
if ($_SESSION["ref_schema_version"] != session_get_schema_version($link, true))
return false;
+ if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"])
+ return false;
+
if ($_SESSION["uid"]) {
$result = db_query($link,
"SELECT pwd_hash FROM ttrss_users WHERE id = '".$_SESSION["uid"]."'");
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 23:54:16 +0000