new option: SESSION_CHECK_ADDRESS
This commit is contained in:
parent
8fd92701e9
commit
09018e9526
|
@ -104,5 +104,8 @@
|
|||
// Store session information in a database (recommended)
|
||||
// Uses default PHP session storing mechanism if disabled
|
||||
|
||||
define('SESSION_CHECK_ADDRESS', true);
|
||||
// Bind sessions to specific IP address (requires DATABASE_BACKED_SESSIONS)
|
||||
|
||||
// vim:ft=php
|
||||
?>
|
||||
|
|
|
@ -259,6 +259,7 @@ create table ttrss_scheduled_updates (id integer not null primary key auto_incre
|
|||
create table ttrss_sessions (id varchar(300) unique not null primary key,
|
||||
data text,
|
||||
expire integer not null,
|
||||
ip_address varchar(15) not null default '',
|
||||
index (id),
|
||||
index (expire)) TYPE=InnoDB;
|
||||
|
||||
|
|
|
@ -233,7 +233,8 @@ create table ttrss_scheduled_updates (id serial not null primary key,
|
|||
|
||||
create table ttrss_sessions (id varchar(300) unique not null primary key,
|
||||
data text,
|
||||
expire integer not null);
|
||||
expire integer not null,
|
||||
ip_address varchar(15) not null default '');
|
||||
|
||||
create index ttrss_sessions_expire_index on ttrss_sessions(expire);
|
||||
|
||||
|
|
|
@ -8,6 +8,7 @@ alter table ttrss_entries alter column author set default '';
|
|||
create table ttrss_sessions (id varchar(300) unique not null primary key,
|
||||
data text,
|
||||
expire integer not null,
|
||||
ip_address varchar(15) not null default '',
|
||||
index (id),
|
||||
index (expire)) TYPE=InnoDB;
|
||||
|
||||
|
|
|
@ -9,7 +9,8 @@ alter table ttrss_entries alter column author set default '';
|
|||
|
||||
create table ttrss_sessions (id varchar(300) unique not null primary key,
|
||||
data text,
|
||||
expire integer not null);
|
||||
expire integer not null,
|
||||
ip_address varchar(15) not null default '');
|
||||
|
||||
create index ttrss_sessions_id_index on ttrss_sessions(id);
|
||||
create index ttrss_sessions_expire_index on ttrss_sessions(expire);
|
||||
|
|
28
sessions.php
28
sessions.php
|
@ -22,7 +22,13 @@
|
|||
|
||||
global $session_connection,$session_read;
|
||||
|
||||
$query = "SELECT data FROM ttrss_sessions WHERE id='$id'";
|
||||
$ip_address = $_SERVER["REMOTE_ADDR"];
|
||||
|
||||
if (SESSION_CHECK_ADDRESS) {
|
||||
$address_check_qpart = " AND ip_address = '$ip_address'";
|
||||
}
|
||||
|
||||
$query = "SELECT data FROM ttrss_sessions WHERE id='$id' $address_check_qpart";
|
||||
|
||||
$res = db_query($session_connection, $query);
|
||||
|
||||
|
@ -47,12 +53,18 @@
|
|||
|
||||
$data = db_escape_string(base64_encode($data), $session_connection);
|
||||
|
||||
$ip_address = $_SERVER["REMOTE_ADDR"];
|
||||
|
||||
if (SESSION_CHECK_ADDRESS) {
|
||||
$address_check_qpart = " AND ip_address = '$ip_address'";
|
||||
}
|
||||
|
||||
if ($session_read) {
|
||||
$query = "UPDATE ttrss_sessions SET data='$data',
|
||||
expire='$expire' WHERE id='$id'";
|
||||
expire='$expire' WHERE id='$id' $address_check_qpart";
|
||||
} else {
|
||||
$query = "INSERT INTO ttrss_sessions (id, data, expire)
|
||||
VALUES ('$id', '$data', '$expire')";
|
||||
$query = "INSERT INTO ttrss_sessions (id, data, expire, ip_address)
|
||||
VALUES ('$id', '$data', '$expire', '$ip_address')";
|
||||
}
|
||||
|
||||
db_query($session_connection, $query);
|
||||
|
@ -72,7 +84,13 @@
|
|||
|
||||
global $session_connection;
|
||||
|
||||
$query = "DELETE FROM ttrss_sessions WHERE id = '$id'";
|
||||
$ip_address = $_SERVER["REMOTE_ADDR"];
|
||||
|
||||
if (SESSION_CHECK_ADDRESS) {
|
||||
$address_check_qpart = " AND ip_address = '$ip_address'";
|
||||
}
|
||||
|
||||
$query = "DELETE FROM ttrss_sessions WHERE id = '$id' $address_check_qpart";
|
||||
|
||||
db_query($session_connection, $query);
|
||||
|
||||
|
|
Loading…
Reference in New Issue