From aad6e2a9c4857715c8bd56693d21b87dd0c16263 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Tue, 27 Mar 2007 05:34:30 -0400
Subject: [PATCH] New session authentication, should fix bugs #1483951 and #1484299; testing required

---
 config/main.inc.php.dist |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index 490c623..c2c9d39 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -97,7 +97,11 @@
 $rcmail_config['session_lifetime'] = 10;
 
 // check client IP in session athorization
-$rcmail_config['ip_check'] = TRUE;
+$rcmail_config['ip_check'] = false;
+
+// Use an additional frequently changing cookie to athenticate user sessions.
+// There have been problems reported with this feature.
+$rcmail_config['double_auth'] = false;
 
 // this key is used to encrypt the users imap password which is stored
 // in the session record (and the client cookie if remember password is enabled).

--
Gitblit v1.9.1