Changeset 370
- Timestamp:
- May 11, 2010 10:28:59 PM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_SQL.inc.php
r369 r370 551 551 $this->_authentication_tested = true; 552 552 553 // Some users will access from networks with a changing IP number (i.e. behind a proxy server). These users must be allowed entry by adding their IP to the list of trusted_networks. 553 // Some users will access from networks with a changing IP number (i.e. behind a proxy server). 554 // These users must be allowed entry by adding their IP to the list of trusted_networks, or their usernames to the list of match_remote_ip_exempt_usernames. 554 555 if ($trusted_net = ipInRange(getRemoteAddr(), $this->_params['trusted_networks'])) { 555 556 $user_in_trusted_network = true; … … 621 622 $expire_reasons[] = 'idle_timeout expired'; 622 623 } 623 if ($_SESSION['_auth_sql'][$this->_ns]['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) { 624 if ($this->getParam('match_remote_ip') && !$this->get('match_remote_ip_exempt')) { 624 if ($_SESSION['_auth_sql'][$this->_ns]['remote_ip'] != getRemoteAddr()) { 625 if ($this->getParam('match_remote_ip') && !$this->get('match_remote_ip_exempt') && !$user_in_trusted_network) { 626 // There are three cases when a remote IP match will be the cause of a session termination: 627 // 1. match_remote_ip config is enabled 628 // 2. user is not match_remote_ip_exempt (set in the user_data, or in the match_remote_ip_exempt_usernames list) 629 // 3. the user is connecting from a trusted network (their IP is listed in the trusted_networks or from *.proxy.aol.com) 625 630 $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION['_auth_sql'][$this->_ns]['remote_ip'], getRemoteAddr()); 626 631 } else {
Note: See TracChangeset
for help on using the changeset viewer.