From 019950c8a8b135f0c6336705b4b7187bbcf46937 Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Thu, 30 Apr 2026 23:13:05 +0900
Subject: [PATCH] Prevent unnecessary double cookie refresh when logging in as
 admin

---
 classes/module/ModuleObject.class.php | 4 ++--
 common/framework/Session.php          | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/classes/module/ModuleObject.class.php b/classes/module/ModuleObject.class.php
index df397e020..c0861660d 100644
--- a/classes/module/ModuleObject.class.php
+++ b/classes/module/ModuleObject.class.php
@@ -226,9 +226,9 @@ class ModuleObject extends BaseObject
 			}
 
 			// Refresh session
-			if (!isset($_SESSION['RHYMIX']['admin_accessed']))
+			if (!isset($_SESSION['RHYMIX']['admin_accessed']) && !headers_sent())
 			{
-				if (!headers_sent())
+				if (!isset($_SESSION['RHYMIX']['last_refresh']) || $_SESSION['RHYMIX']['last_refresh'] < time() - 10)
 				{
 					$_SESSION['RHYMIX']['admin_accessed'] = \RX_TIME;
 					Rhymix\Framework\Session::refresh(true);
diff --git a/common/framework/Session.php b/common/framework/Session.php
index 1891a0e8b..4cf729897 100644
--- a/common/framework/Session.php
+++ b/common/framework/Session.php
@@ -446,7 +446,7 @@ class Session
 		if ($refresh)
 		{
 			self::checkLoginStatusCookie();
-			return self::refresh(true);
+			return $_SESSION['RHYMIX']['next_refresh'] = true;
 		}
 		else
 		{