From 0909717c37cdf2ddadcddaf92d610f5243ec3c17 Mon Sep 17 00:00:00 2001
From: Nicolas <nikrou77@gmail.com>
Date: Wed, 10 Feb 2016 12:37:12 +0100
Subject: if php version is less than 7.0.3 and session_id exists do nothing

---
 include/functions_user.inc.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index ac85d1b47..f0d30ea49 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -945,10 +945,13 @@ function log_user($user_id, $remember_me)
   { // make sure we clean any remember me ...
     setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain'));
   }
-  if ( session_id()!="" and (version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0))
+  if ( session_id()!="" )
   { // we regenerate the session for security reasons
     // see http://www.acros.si/papers/session_fixation.pdf
-    session_regenerate_id(true);
+      if ((version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0))
+      {
+        session_regenerate_id(true);
+      }
   }
   else
   {
-- 
cgit v1.2.3