diff options
author | Nicolas <nikrou77@gmail.com> | 2016-02-10 12:37:12 +0100 |
---|---|---|
committer | Nicolas <nikrou77@gmail.com> | 2016-02-10 12:37:12 +0100 |
commit | 0909717c37cdf2ddadcddaf92d610f5243ec3c17 (patch) | |
tree | 3a545ee14ca752ab73eab2208f2e7d96cdc9a0fc | |
parent | a35c7bdf18ef2e74738a0867b70aab18aa48ec9f (diff) |
if php version is less than 7.0.3 and session_id exists do nothing
-rw-r--r-- | include/functions_user.inc.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index ac85d1b47..f0d30ea49 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -945,10 +945,13 @@ function log_user($user_id, $remember_me) { // make sure we clean any remember me ... setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain')); } - if ( session_id()!="" and (version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0)) + if ( session_id()!="" ) { // we regenerate the session for security reasons // see http://www.acros.si/papers/session_fixation.pdf - session_regenerate_id(true); + if ((version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0)) + { + session_regenerate_id(true); + } } else { |