X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fauth.php;h=cba6a67a7fd7ec5124b919540bc3b6bf118013cc;hb=115310f1f45124d7c2a0788adf5112ce0f60d3a3;hp=1341f3bb8a7af7a26069ce7cabfc942f01f90195;hpb=aace55df0ad279d74c5e612078c3f29d114389dc;p=friendica.git

diff --git a/include/auth.php b/include/auth.php
old mode 100755
new mode 100644
index 1341f3bb8a..cba6a67a7f
--- a/include/auth.php
+++ b/include/auth.php
@@ -11,6 +11,13 @@ function nuke_session() {
 	unset($_SESSION['cid']);
 	unset($_SESSION['theme']);
 	unset($_SESSION['page_flags']);
+	unset($_SESSION['submanage']);
+	unset($_SESSION['my_url']);
+	unset($_SESSION['my_address']);
+	unset($_SESSION['addr']);
+	unset($_SESSION['return_url']);
+	unset($_SESSION['theme']);
+	unset($_SESSION['page_flags']);
 }
 
 
@@ -46,6 +53,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 		$check = get_config('system','paranoia');
 		// extra paranoia - if the IP changed, log them out
 		if($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
+			logger('Session address changed. Paranoid setting in effect, blocking session. ' 
+				. $_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
 			nuke_session();
 			goaway(z_root());
 		}