From ce515f7fc25e8e7bbe24acef89b662cef94270ee Mon Sep 17 00:00:00 2001
From: Michael Kuron <mkuron@users.noreply.github.com>
Date: Thu, 18 May 2017 19:26:01 +0200
Subject: [PATCH] Remove REMOTE_ADDR check

---
 data/web/inc/sessions.inc.php | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php
index f78ce532..0dcd6472 100644
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@@ -19,20 +19,14 @@ if (!isset($_SESSION['CSRF']['TOKEN'])) {
   $_SESSION['CSRF']['TOKEN'] = bin2hex(random_bytes(32));
 }
 
-// Set session IP and UA
-if (!isset($_SESSION['SESS_REMOTE_IP'])) {
-  $_SESSION['SESS_REMOTE_IP'] = $_SERVER['REMOTE_ADDR'];
-}
+// Set session UA
 if (!isset($_SESSION['SESS_REMOTE_UA'])) {
   $_SESSION['SESS_REMOTE_UA'] = $_SERVER['HTTP_USER_AGENT'];
 }
 
 // Check session
 function session_check() {
-  if (!isset($_SESSION['SESS_REMOTE_IP']) || !isset($_SESSION['SESS_REMOTE_UA'])) {
-    return false;
-  }
-  if ($_SESSION['SESS_REMOTE_IP'] != $_SERVER['REMOTE_ADDR']) {
+  if (!isset($_SESSION['SESS_REMOTE_UA'])) {
     return false;
   }
   if ($_SESSION['SESS_REMOTE_UA'] != $_SERVER['HTTP_USER_AGENT']) {
@@ -70,4 +64,4 @@ if (isset($_POST["logout"])) {
     session_write_close();
     header("Location: /");
   }
-}
\ No newline at end of file
+}