From 413b6c248b7be566ae65e9ab4fdf35f640d58f3b Mon Sep 17 00:00:00 2001 From: Neil Blakey-Milner Date: Tue, 18 Apr 2006 08:44:16 +0000 Subject: [PATCH] KTS-808: Session IP tracking defaults to off, configurable using session/ipTracking configuration variable. --- config/config.ini | 2 ++ lib/session/Session.inc | 11 +++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/config/config.ini b/config/config.ini index 541cf10..7b2a978 100644 --- a/config/config.ini +++ b/config/config.ini @@ -141,6 +141,8 @@ uiUrl = ${rootUrl}/presentation/lookAndFeel/knowledgeTree ; session timeout (in seconds) sessionTimeout = 1200 allowAnonymousLogin = true +; Set to true to force sessions to come from the same IP address +; ipTracking = false [import] ; unzip command - will use execSearchPath to find if the path to the diff --git a/lib/session/Session.inc b/lib/session/Session.inc index 3b9560c..8dc2623 100644 --- a/lib/session/Session.inc +++ b/lib/session/Session.inc @@ -159,18 +159,17 @@ class Session { $iUserID = $aRow["user_id"]; $oKTConfig = KTConfig::getSingleton(); - $allowAnon = $oKTConfig->get('allowAnonymousLogin', false); + $allowAnon = $oKTConfig->get('session/allowAnonymousLogin', false); $ANON = -2; - if ((!allowAnon) && ($iUserId == $ANON)) { return false; } - + if ((!$allowAnon) && ($iUserId == $ANON)) { return false; } + + $ipTracking = $oKTConfig->get('session/ipTracking', false); // check that ip matches $ip = $this->getClientIP(); - if ($ip != trim($aRow["ip"])) { + if ($ipTracking && ($ip != trim($aRow["ip"]))) { return PEAR::raiseError("You are coming from a different IP address than the session requires"); - return false; } - // now check if the timeout has been exceeded $lastused = $aRow["lastused"]; $diff = time() - strtotime($lastused); -- libgit2 0.21.4
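Review bot: The new comment above `; ipTracking = false` does not state the default or what happens on a mismatch, and the companion change in lib/session/Session.inc reads `session/ipTracking` with a default of false, so out of the box a session is no longer tied to the address recorded for it. I would spell that out, for example `; Reject a session when a request arrives from a different IP address than the one recorded for it (default: false)`. The check removed in Session.inc was unconditional, so installations that relied on it need to set the value to true explicitly after upgrading.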
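Review bot: The anonymous-login guard on the added line `if ((!$allowAnon) && ($iUserId == $ANON)) { return false; }` tests `$iUserId`, but the context line at the top of the hunk assigns `$iUserID`. PHP variable names are case-sensitive, so unless `$iUserId` is set above the hunk it is undefined and the comparison with -2 is never true. The effect would be that a session row belonging to the anonymous user is accepted even when `session/allowAnonymousLogin` is false. The line should read `if ((!$allowAnon) && ($iUserID == $ANON)) { return false; }`. The enclosing method starts and ends outside the hunk.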