diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-05-02 00:32:10 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-05-02 00:32:10 +0000 |
| commit | 30eb41b4dd4b9b1fc206f173820998f18b22c1b8 (patch) | |
| tree | a655c221eb65cd335cdc97a6e28a838758b1545c | |
| parent | ccbd1cdfdda2fa8f893c778e982bc31084b8c49c (diff) | |
| download | forums-30eb41b4dd4b9b1fc206f173820998f18b22c1b8.tar forums-30eb41b4dd4b9b1fc206f173820998f18b22c1b8.tar.gz forums-30eb41b4dd4b9b1fc206f173820998f18b22c1b8.tar.bz2 forums-30eb41b4dd4b9b1fc206f173820998f18b22c1b8.tar.xz forums-30eb41b4dd4b9b1fc206f173820998f18b22c1b8.zip | |
Prevent logged in user logging in again from diff IP in same sess
git-svn-id: file:///svn/phpbb/trunk@224 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/includes/sessions.php | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/phpBB/includes/sessions.php b/phpBB/includes/sessions.php index ca7a97ba2b..dae49cf68e 100644 --- a/phpBB/includes/sessions.php +++ b/phpBB/includes/sessions.php @@ -64,14 +64,28 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = F { if($user_id == ANONYMOUS) { - $login = 0; + $login = FALSE; + $autologin = FALSE; + } + // + // Remove duplicate user_id from session table + // if IP is different ... stops same user + // logging in from different PC's at same time + // Do we want this ??? + // + if( ( $login || $autologin ) && $user_id != ANONYMOUS && $user_id != DELETED ) + { + $sql_delete_same_user = "DELETE FROM ".SESSIONS_TABLE." + WHERE session_user_id = '$user_id' + AND session_ip != '$int_ip' + AND session_logged_in = '1'"; + $result = $db->sql_query($sql_delete_same_user); } $sql_update = "UPDATE ".SESSIONS_TABLE." SET session_user_id = '$user_id', session_start = '$current_time', session_time = '$current_time', session_page = '$page_id', session_logged_in = '$login' WHERE (session_id = '".$cookiedata['sessionid']."') AND (session_ip = '$int_ip')"; - $result = $db->sql_query($sql_update); if(!$result || !$db->sql_affectedrows()) |