Bug 1760 fixed : Avoid session fixation

After connection, session id is changed using session_regenerate_id
but without removing old session. Passing param true makes the job

Merge from trunk

git-svn-id: http://piwigo.org/svn/branches/2.1@6661 68402e56-0260-453c-a942-63ccdbb3a9ee

include/functions_user.inc.php

@@ -1100,7 +1100,7 @@ function log_user($user_id, $remember_me)
   if ( session_id()!="" )
   { // we regenerate the session for security reasons
     // see http://www.acros.si/papers/session_fixation.pdf
-    session_regenerate_id();
+    session_regenerate_id(true);
   }
   else
   {