X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=include%2Fsessions.php;h=5584c25bdbff3fd3ea446069c2a1e60d30f9bad9;hb=d246fb9fe1f18eb98037758f1b7369b34258fbf7;hp=2d17bfd8e388363edef677662e8ac4db944649f2;hpb=74736fce0f89efbaa971e6817303e8840c4aed8f;p=tt-rss.git
diff --git a/include/sessions.php b/include/sessions.php
index 2d17bfd8..5584c25b 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -13,7 +13,6 @@
 $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
 if (is_server_https()) {
- $session_name .= "_ssl";
 ini_set("session.cookie_secure", true);
 }
@@ -50,15 +49,8 @@
 if ($_SESSION["uid"]) {
- if (!defined('_SKIP_SESSION_ADDRESS_CHECKS') || !_SKIP_SESSION_ADDRESS_CHECKS) {
- if ($_SESSION["ip_address"] != $_SERVER["REMOTE_ADDR"]) {
- $_SESSION["login_error_msg"] = __("Session failed to validate.");
- return false;
- }
- }
-
- if ($_SESSION["user_agent"] != sha1($_SERVER['HTTP_USER_AGENT'])) {
- $_SESSION["login_error_msg"] = __("Session failed to validate.");
+ $_SESSION["login_error_msg"] = __("Session failed to validate (UA changed).");
 return false;
 }
@@ -160,9 +152,5 @@
 if (!defined('NO_SESSION_AUTOSTART')) {
 if (isset($_COOKIE[session_name()])) {
 @session_start();
-
- if (!$_SESSION['uid']) {
- logout_user();
- }
 }
 }
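Review bot: The user-agent comparison in the second hunk, which the new `(UA changed)` message shows is kept as the only remaining client binding, uses loose `!=` on two hex digests and reads `$_SERVER['HTTP_USER_AGENT']` without checking that the header is present. With the address check above it removed, a session cookie is accepted from any network as long as the same User-Agent string accompanies it, and that string is supplied by the client, so the real protection now rests on the cookie's confidentiality (the `session.cookie_secure` setting in the first hunk) rather than on this test. I would make the comparison strict and null-safe, `if (!hash_equals((string) $_SESSION["user_agent"], sha1($_SERVER['HTTP_USER_AGENT'] ?? ''))) {`, and add a comment stating that the check is a consistency test, not an authentication factor. The enclosing function starts and ends outside the hunk, so whether `$_SESSION["ip_address"]` and `_SKIP_SESSION_ADDRESS_CHECKS` are still written or read elsewhere cannot be confirmed from here.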