KTS-808: Session IP tracking defaults to off, configurable using

session/ipTracking configuration variable. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5245 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-808: Session IP tracking defaults to off, configurable using
session/ipTracking configuration variable. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5245 c91229c3-7414-0410-bfa2-8a42b809f60b
Neil Blakey-Milner
1 parent 051bf8c4
Showing 2 changed files with 7 additions and 6 deletions
config/config.ini
lib/session/Session.inc
@@ -141,6 +141,8 @@ uiUrl  = ${rootUrl}/presentation/lookAndFeel/knowledgeTree
 ; session timeout (in seconds)
 sessionTimeout = 1200
 allowAnonymousLogin = true
+; Set to true to force sessions to come from the same IP address
+; ipTracking = false
 [import]
 ; unzip command - will use execSearchPath to find if the path to the
@@ -159,18 +159,17 @@ class Session {
         $iUserID = $aRow["user_id"];
         $oKTConfig = KTConfig::getSingleton();	
-		$allowAnon = $oKTConfig->get('allowAnonymousLogin', false);
+		$allowAnon = $oKTConfig->get('session/allowAnonymousLogin', false);
 		$ANON = -2;
-        if ((!allowAnon) && ($iUserId == $ANON)) { return false; }
-            
+        if ((!$allowAnon) && ($iUserId == $ANON)) { return false; }
+
+        $ipTracking = $oKTConfig->get('session/ipTracking', false);
         // check that ip matches
         $ip = $this->getClientIP();
-        if ($ip != trim($aRow["ip"])) {
+        if ($ipTracking && ($ip != trim($aRow["ip"]))) {
             return PEAR::raiseError("You are coming from a different IP address than the session requires");
-            return false;
         }
-
         // now check if the timeout has been exceeded
         $lastused = $aRow["lastused"];
         $diff = time() - strtotime($lastused);