tracksessionip: Difference between revisions
From MoodleDocs
No edit summary |
|||
Line 9: | Line 9: | ||
* to turn it on, go to config.php and uncomment: | * to turn it on, go to config.php and uncomment: | ||
* $CFG->tracksessionip= True; | * $CFG->tracksessionip= True; | ||
// If this setting is set to true, then Moodle will track the IP of the | |||
// current user to make sure it hasn't changed during a session. This | |||
// will prevent the possibility of sessions being hijacked via XSS, but it | |||
// may break things for users coming using proxies that change all the time, | |||
// like AOL. |
Revision as of 03:42, 29 April 2007
Martin Langhoff
- "It restricts a single session from changing IP, and this is mostly a debugging tool for a strange problem that we think is a PHP bug. It does not stop a single user from having more than one session."
- http://moodle.org/mod/forum/discuss.php?d=47271#217274
Config.php
- to turn it on, go to config.php and uncomment:
- $CFG->tracksessionip= True;
// If this setting is set to true, then Moodle will track the IP of the // current user to make sure it hasn't changed during a session. This // will prevent the possibility of sessions being hijacked via XSS, but it // may break things for users coming using proxies that change all the time, // like AOL.