forked from root/threadr.lostcave.ddnss.de
renamed NO_SESSION_STEALING → NO_CHEAP_SESSION_STEALING
parent
60987ea2fd
commit
3f429d4872
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
session_start();
|
||||
//Todo: make this a setting for users that use VPNs/Proxies and seem to jump around the world rather quickly...
|
||||
%NO_SESSION_STEALING%
|
||||
%NO_CHEAP_SESSION_STEALING%
|
||||
|
||||
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
|
||||
$statement = $pdo->prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"CONTENT_DIR":"/common/threadr",
|
||||
|
||||
"NO_SESSION_STEALING":"
|
||||
"NO_CHEAP_SESSION_STEALING":"
|
||||
if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){
|
||||
// force logout
|
||||
$_SESSION = array();
|
||||
|
|
Loading…
Reference in New Issue