RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1557 from xisi/security-invalidsession-fix

Browse Source 
[FIX] Invalid session regeneration
This commit is contained in:
Joey 2014-01-23 11:43:29 -08:00
commit 8b59e3d519
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
public/index.php
View File

@ -36,7 +36,11 @@ $master_template = 'master.tpl';
// Start a session
session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
session_start();
@$session_start = session_start();
if (!$session_start) {
session_regenerate_id(true);
session_start();
}
setcookie(session_name(),session_id(),time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
$session_id = session_id();