/** * Determines if the existing session matches the given IP address. Looks * for the session's IP in the ip key. If not found, check passes. * * @param array $session * @param string|false $ipAddress IP address as binary or false to prevent IP check * * @return boolean */ public function sessionMatchesIp(array $session, $ipAddress) { if (!isset($session['ip']) || empty($session['ip']) || empty($ipAddress)) { return true; // no IP to check against } if (strlen($ipAddress) == 4) { $cidr = intval($this->_config['ipv4CidrMatch']); } else { $cidr = intval($this->_config['ipv6CidrMatch']); } if ($cidr <= 0) { return true; // IP check disabled } return XenForo_Helper_Ip::ipMatchesCidrRange($ipAddress, $session['ip'], $cidr); }