From 8eaeb6c3328d077e6b49786f67a083a5f6558435 Mon Sep 17 00:00:00 2001
From: Aaron van Geffen <aaron@aaronweb.net>
Date: Tue, 5 Nov 2024 16:45:40 +0100
Subject: [PATCH] Authentication: remove remnants of user agent checks

---
 models/Authentication.php | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/models/Authentication.php b/models/Authentication.php
index c92f9aff..afcc55d6 100644
--- a/models/Authentication.php
+++ b/models/Authentication.php
@@ -78,15 +78,6 @@ class Authentication
 	 */
 	public static function isLoggedIn()
 	{
-		// Check whether the active session matches the current user's environment.
-		if (isset($_SESSION['ip_address'], $_SESSION['user_agent']) && (
-			 (isset($_SERVER['REMOTE_ADDR']) && $_SESSION['ip_address'] != $_SERVER['REMOTE_ADDR']) ||
-			 (isset($_SERVER['HTTP_USER_AGENT']) && $_SESSION['user_agent'] != $_SERVER['HTTP_USER_AGENT'])))
-		{
-			session_destroy();
-			return false;
-		}
-
 		// A user is logged in if a user id exists in the session and this id is (still) in the database.
 		return isset($_SESSION['user_id']) && self::checkExists($_SESSION['user_id']);
 	}