MakeNewSession(); } else { /* Use composite index to quickly discover user if it's logged in */ $session = new Session("loggedIn = 1 AND sessionID = '{$sid}'"); /* If session isn't logged in search on sid */ if ($session->IsEmpty()) { $session = new Session("sessionID = '{$sid}'"); if ($session->IsEmpty()) { /* This would happen if the session database changed */ MakeNewSession(); } } else { /* TODO:TEST: Need to test transporting cookies to another workstation to see if this works */ if ($session->GetIPAddress() != $_SERVER['REMOTE_ADDR']) { $user =& $session->User(); $session->SessionIPChanged('User', $user->ID(), $session->GetIPAddress() . ' -> ' . $_SERVER['REMOTE_ADDR']); $user->Logout(); } } } if ($post) { switch ($postType) { case 'LOGIN': $ret = Login($_POST['txtUsername'], $_POST['txtPassword']); switch ($ret) { case LOGIN_AUTH: break; case LOGIN_ACCOUNT_DISABLED: $banner = GetCap('capAccountDisabled'); break;