diff --git a/deployment-script.sh b/deployment-script.sh index 1f0d5f2..01465c8 100755 --- a/deployment-script.sh +++ b/deployment-script.sh @@ -10,6 +10,8 @@ echo "Deployment script for repository \"web-deployment\" ==============================================================================" rewrite_code %CONTENT_DIR% "\/common\/threadr" +rewrite_code %ENFORCE_IP% `cat enforce_ip.template` + echo "============================================================================== Done." diff --git a/enforce_ip.template b/enforce_ip.template new file mode 100644 index 0000000..796490f --- /dev/null +++ b/enforce_ip.template @@ -0,0 +1,12 @@ +if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR']){ + // force logout + $_SESSION = array(); + if (ini_get("session.use_cookies")) { + $params = session_get_cookie_params(); + setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]); + } + session_destroy(); + header("Location: https://lostcave.ddnss.de/common/threadr/login/?error=session"); + die(); +} + diff --git a/threadr/userhome/index.php b/threadr/userhome/index.php index 590058c..4a6a21d 100644 --- a/threadr/userhome/index.php +++ b/threadr/userhome/index.php @@ -1,17 +1,7 @@ prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table