From 30eb41b4dd4b9b1fc206f173820998f18b22c1b8 Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Wed, 2 May 2001 00:32:10 +0000
Subject: [PATCH] Prevent logged in user logging in again from diff IP in same
 sess

git-svn-id: file:///svn/phpbb/trunk@224 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/sessions.php | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/phpBB/includes/sessions.php b/phpBB/includes/sessions.php
index ca7a97ba2b..dae49cf68e 100644
--- a/phpBB/includes/sessions.php
+++ b/phpBB/includes/sessions.php
@@ -64,14 +64,28 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $login = F
 	{
 		if($user_id == ANONYMOUS)
 		{
-			$login = 0;
+			$login = FALSE;
+			$autologin = FALSE;
+		}
+		//
+		// Remove duplicate user_id from session table
+		// if IP is different ... stops same user
+		// logging in from different PC's at same time 
+		// Do we want this ???
+		//
+		if( ( $login || $autologin ) && $user_id != ANONYMOUS && $user_id != DELETED )
+		{
+			$sql_delete_same_user = "DELETE FROM ".SESSIONS_TABLE."
+				WHERE session_user_id = '$user_id'
+					AND session_ip != '$int_ip'
+					AND session_logged_in = '1'";
+			$result = $db->sql_query($sql_delete_same_user);
 		}
 	
 		$sql_update = "UPDATE ".SESSIONS_TABLE."
 			SET session_user_id = '$user_id', session_start = '$current_time', session_time = '$current_time', session_page = '$page_id', session_logged_in = '$login'
 			WHERE (session_id = '".$cookiedata['sessionid']."')
 				AND (session_ip = '$int_ip')";
-	
 		$result = $db->sql_query($sql_update);
 
 		if(!$result || !$db->sql_affectedrows())