[session] Add option to bind session to IP address

1 files changed, 2 insertions, 2 deletions

diff --git a/inc/user.inc.php b/inc/user.inc.php
index 46cc6012..d587c462 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -142,14 +142,14 @@ class User
 		return Database::exec('UPDATE user SET passwd = :passwd WHERE userid = :userid LIMIT 1', compact('userid', 'passwd')) > 0;
 	}
 
-	public static function login($user, $pass)
+	public static function login(string $user, string $pass, bool $fixedIp)
 	{
 		$ret = Database::queryFirst('SELECT userid, passwd FROM user WHERE login = :user LIMIT 1', array(':user' => $user));
 		if ($ret === false)
 			return false;
 		if (!Crypto::verify($pass, $ret['passwd']))
 			return false;
-		Session::create($ret['passwd'], $ret['userid'], false);
+		Session::create($ret['passwd'], $ret['userid'], $fixedIp);
 		Session::set('token', md5($ret['passwd'] . ','
 			. rand() . ','
 			. time() . ','