function ewiki_session_ip_verify() { global $liveuser; $logindata = ewiki_liveuser_get_login_data(); if ($_SESSION['loginInfo']['ip_address'] !== $logindata['ip_address'] || $_SESSION['loginInfo']['ssl_session_id'] !== $logindata['ssl_session_id']) { //they've changed...this is weird...log em out $liveuser->logout(); } }
function liveuser_loglogin() { global $liveuserDB; if (!isset($_REQUEST['username'])) { return; } $requestInfo = ewiki_liveuser_get_login_data(); //store ip and sslid in session variables so we can check them later. $_SESSION['loginInfo']['ip_address'] = $requestInfo['ip_address']; $_SESSION['loginInfo']['ssl_session_id'] = $requestInfo['ssl_session_id']; //var_dump($requestInfo); // You must create a new array to pass to this function, passing // $requestInfo does not work if ($liveuserDB->query('INSERT INTO ' . LW_PREFIX . '_login_log (auth_user_handle, ' . 'php_session_id, ssl_session_id,ip_address,delay,success,time) ' . 'VALUES (?, ?, ?, ?, ?, ?, NOW())', array($requestInfo['auth_user_handle'], $requestInfo['php_session_id'], $requestInfo['ssl_session_id'], $requestInfo['ip_address'], $requestInfo['delay'], $requestInfo['success'])) != DB_OK) { die('Failure in database connection, unable to continue'); } //*/ }