Fix(Index.php) Session ID renew after login

Fix session ID is now renewed after proper login

Fix(Index.php) Session ID renew after login
Fix session ID is now renewed after proper login
c423c93d · dockx thibault · ed08e11a · c423c93d
Verified Commit c423c93d authored 2 years ago by dockx thibault
Hide whitespace changes
Inline Side-by-side

Showing

with 4 additions and 0 deletions
+4 -0
--- a/html/index.php
+++ b/html/index.php
@@ -408,6 +408,10 @@ class Index {
    if ($success) {
      /* Everything went well, redirect to main.php */
+      //Regenerate after login in order to avoid session fixation issues (vuln),
+      session_regenerate_id();
      static::redirect();
    }
  }