void Auth::setAdvancedSecurity (
mixed $flag = true
Enables advanced security features to make man in the middle attacks and session hijacking much harder. Cookies and java script must be enabled on the client browser for some of these features to function correctly.
Enables the following security features of auth
Detection of client ip address change or User-Agent header change if such a change is detected the user will be logged out
Each client request a special unique cookie is given to the client. He must present this cookie on his next request. This cookie changes on every request. If client does not present the valid cookie he will be logged out.
This method is available since 1.3.0
TRUE if you want to enable advanced security features FALSE if you want to disable them.
You also may pass an array if you want to fine-tune security options. TRUE means the following:
AUTH_ADV_USERAGENT => true,
AUTH_ADV_IPCHECK => true,
AUTH_ADV_CHALLENGE => true
This function can not be called statically.