Skip to content
GitLab
Verified Commit aaf236ae authored by dockx thibault's avatar dockx thibault
Browse files

:ambulance: (login) - session fix security 

Security purposes - regen session id
parent fb35a648
core-php8
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 2 deletions
+1 -2
include/login/class_LoginMethod.inc
+ 1
2
View file @ aaf236ae
...@@ -160,8 +160,7 @@ class LoginMethod ...@@ -160,8 +160,7 @@ class LoginMethod
$ui = session::get('ui'); $ui = session::get('ui');
// Create new session ID in order to have session_fixation security issues after success login // Create new session ID in order to have session_fixation security issues after success login
echo 'before_refreshing_id'; session_regenerate_id();
//session_regenerate_id();
/* Not account expired or password forced change go to main page */ /* Not account expired or password forced change go to main page */
logging::log('security', 'login', $ui->uid, [], 'Logged in successfully'); logging::log('security', 'login', $ui->uid, [], 'Logged in successfully');
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment