From 810205625b8afb7e08b2829723426f021e0a5c1b Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Thu, 4 Apr 2013 12:55:15 +0400
Subject: session validation: check for tt-rss version

---
 include/sessions.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'include/sessions.php')

diff --git a/include/sessions.php b/include/sessions.php
index 15178915a..0edda4ec7 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -5,6 +5,7 @@
 	require_once "db.php";
 	require_once "lib/accept-to-gettext.php";
 	require_once "lib/gettext/gettext.inc";
+	require_once "version.php";
 
 	$session_expire = max(SESSION_COOKIE_LIFETIME, 86400);
 	$session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME;
@@ -38,6 +39,8 @@
 		if (SINGLE_USER_MODE) return true;
 		if (!$link) return false;
 
+		if (VERSION != $_SESSION["version"]) return false;
+
 		$check_ip = $_SESSION['ip_address'];
 
 		switch (SESSION_CHECK_ADDRESS) {
-- 
cgit v1.2.3-54-g00ecf