bug #408 fixed, no session_regenerate_id on early PHP 7 versions

author: plg <plg@s04> 2016-01-27 15:36:00 +0100
committer: plg <plg@s04> 2016-01-27 15:36:00 +0100
commit: f04e4d8b4fe338680f5931bc1609b9201c6cd023 (patch)
tree: 536da56eeda4c1e2afac91818fca7c61f7719414 /include/functions_user.inc.php
parent: 7ae2094726e94ae9662a53ff554c916a40b4283c (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 65ddef1ca..2b9d48752 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -945,7 +945,7 @@ function log_user($user_id, $remember_me)
   { // make sure we clean any remember me ...
     setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain'));
   }
-  if ( session_id()!="" )
+  if ( session_id()!="" and (version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0))
   { // we regenerate the session for security reasons
     // see http://www.acros.si/papers/session_fixation.pdf
     session_regenerate_id(true);
@@ -1597,4 +1597,4 @@ SELECT
     return create_user_auth_key($user_id, $user_status);
   }
 }
-?>
-\ No newline at end of file
+?>
author	plg <plg@s04>	2016-01-27 15:36:00 +0100
committer	plg <plg@s04>	2016-01-27 15:36:00 +0100
commit	f04e4d8b4fe338680f5931bc1609b9201c6cd023 (patch)
tree	536da56eeda4c1e2afac91818fca7c61f7719414 /include/functions_user.inc.php
parent	7ae2094726e94ae9662a53ff554c916a40b4283c (diff)