Note: You are currently viewing documentation for Moodle 2.3. Up-to-date documentation for the latest stable version is available here: tracksessionip.

tracksessionip: Difference between revisions

From MoodleDocs
No edit summary
Line 1: Line 1:




 
==Comments==
==Martin Langhoff==
* "It restricts a single session from changing IP, and this is mostly a debugging tool for a strange problem that we think is a PHP bug. It does not stop a single user from having more than one session."
* "It restricts a single session from changing IP, and this is mostly a debugging tool for a strange problem that we think is a PHP bug. It does not stop a single user from having more than one session."
* http://moodle.org/mod/forum/discuss.php?d=47271#217274
** Martin Langhoff in http://moodle.org/mod/forum/discuss.php?d=47271#217274
* "suppose you logged in using a dial up connection.  If you get disconnected and then reconnect, tracksessionip will not let you open pages even if you had your browser open."
** Vikram Solia in http://moodle.org/mod/forum/discuss.php?d=32879#157645


==Config.php==
==Config.php==

Revision as of 03:47, 29 April 2007


Comments

Config.php

  • to turn it on, go to config.php and uncomment:
  • $CFG->tracksessionip= True;
// If this setting is set to true, then Moodle will track the IP of the
// current user to make sure it hasn't changed during a session.  This
// will prevent the possibility of sessions being hijacked via XSS, but it
// may break things for users coming using proxies that change all the time,
// like AOL.