*/
public function hasSessionExpired()
{
+ if (empty($this->session['expires_on'])) {
+ return true;
+ }
if (time() >= $this->session['expires_on']) {
return true;
}
if ($this->conf->get('security.session_protection_disabled') === true) {
return false;
}
- if ($this->session['ip'] == $clientIpId) {
+ if (isset($this->session['ip']) && $this->session['ip'] === $clientIpId) {
return false;
}
return true;