/**
* validate session by ip address
*/
public function _validate()
{
$ip = self::get('session.client.address');
if ($ip === null) {
self::set('session.client.address', $_SERVER['REMOTE_ADDR']);
} elseif ($_SERVER['REMOTE_ADDR'] !== $ip) {
self::$_state = 'error';
return false;
}
// Record proxy forwarded for in the session in case we need it later
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
self::set('session.client.forwarded', $_SERVER['HTTP_X_FORWARDED_FOR']);
}
return true;
}
