Skip to content
Snippets Groups Projects
Commit 51306893 authored by Steven Wittens's avatar Steven Wittens
Browse files

- sa-2006-003: Session fixation issue

parent 8b12ba7d
No related branches found
Tags 2.0.0-beta1 8.x-2.0-beta1
No related merge requests found
......@@ -792,6 +792,12 @@ function user_login($edit = array(), $msg = '') {
user_module_invoke('login', $edit, $user);
if (function_exists('session_regenerate_id')) {
$old_session_id = session_id();
session_regenerate_id();
db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
}
// Redirect the user to the page he logged on from.
drupal_goto($edit['destination']);
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment