Roundcube Community Forum

News and Announcements => General Discussion => Topic started by: nschul on July 30, 2013, 04:06:03 PM

Title: Roundcube Config - security concern
Post by: nschul on July 30, 2013, 04:06:03 PM
Okay, my account and post were deleted. It'd be nice to know what I did to deserve that.

As stated before, I have an issue with a client that now seems to be resolved.

Issue: "Session expired or invalid."
Fix: $rcmail_config['ip_check'] = false;

I switched the ip_check to false from the default value it had, true.

What are the security concerns for doing this?

Thanks,
Neil
Title: Re: Roundcube Config - security concern
Post by: SKaero on July 30, 2013, 05:22:49 PM
I may have accidentally deleted your account while removing spam users, for which I give you my apologies. I didn't mean anything by it.

The ip_check setting is off by default since it can cause problems. It helps prevent session hijacking, since you have to have the same IP address in order to use the session, but it's not a major problem to have it off; most RoundCube installs don't have it enabled.
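
Added example, not part of the thread and not Roundcube's own code: what tying a session to the login IP address does for three kinds of request, with the check on and off. The session store, function names and addresses are constructed for illustration; only the ip_check key and the error text come from the posts above.

```php
<?php
// Illustration only: hypothetical helpers, not Roundcube's implementation.
$rcmail_config = ['ip_check' => true];   // the setting discussed in this thread

// Constructed in-memory session store: session id => data recorded at login.
$sessions = [];

function login(array &$sessions, string $ip): string {
    $sid = bin2hex(random_bytes(16));     // unguessable session id (the cookie value)
    $sessions[$sid] = ['ip' => $ip];      // remember where the user logged in from
    return $sid;
}

function validate(array $sessions, array $config, string $sid, string $ip): string {
    if (!isset($sessions[$sid])) {
        return 'Session expired or invalid.';
    }
    // With ip_check on, holding the cookie is not enough: the request
    // must also come from the address recorded at login.
    if ($config['ip_check'] && $sessions[$sid]['ip'] !== $ip) {
        return 'Session expired or invalid.';
    }
    return 'OK';
}

$sid = login($sessions, '198.51.100.10');

// Constructed requests, all presenting the same session cookie
// (addresses are from the documentation ranges).
$requests = [
    'same user, same IP'              => '198.51.100.10',
    'same user, IP changed (proxy)'   => '198.51.100.77',
    'stolen cookie, other network'    => '203.0.113.5',
];

foreach ([true, false] as $check) {
    $rcmail_config['ip_check'] = $check;
    echo 'ip_check = ' . var_export($check, true) . PHP_EOL;
    foreach ($requests as $label => $ip) {
        printf("  %-32s %s\n", $label, validate($sessions, $rcmail_config, $sid, $ip));
    }
}
```

The check cannot tell a legitimate user whose address changed from someone replaying a stolen cookie: with it on both are rejected, with it off both are accepted, so cookie protection (HTTPS, short session lifetime) carries the load when it is disabled.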