aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorNicolas <nikrou77@gmail.com>2016-02-10 12:37:12 +0100
committerNicolas <nikrou77@gmail.com>2016-02-10 12:37:12 +0100
commit0909717c37cdf2ddadcddaf92d610f5243ec3c17 (patch)
tree3a545ee14ca752ab73eab2208f2e7d96cdc9a0fc /include
parenta35c7bdf18ef2e74738a0867b70aab18aa48ec9f (diff)
if php version is less than 7.0.3 and session_id exists do nothing
Diffstat (limited to 'include')
-rw-r--r--include/functions_user.inc.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index ac85d1b47..f0d30ea49 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -945,10 +945,13 @@ function log_user($user_id, $remember_me)
{ // make sure we clean any remember me ...
setcookie($conf['remember_me_name'], '', 0, cookie_path(),ini_get('session.cookie_domain'));
}
- if ( session_id()!="" and (version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0))
+ if ( session_id()!="" )
{ // we regenerate the session for security reasons
// see http://www.acros.si/papers/session_fixation.pdf
- session_regenerate_id(true);
+ if ((version_compare(PHP_VERSION, '7') <= 0 or version_compare(PHP_VERSION, '7.0.3') >= 0))
+ {
+ session_regenerate_id(true);
+ }
}
else
{