Regenerate session cookie after removing conflict

2026-01-06 18:21:39 +09:00 · 2020-04-05 00:43:04 +09:00 · 2020-04-05 00:43:04 +09:00 · 99bab256b3
commit 99bab256b3
parent d0df41d232
1 changed files with 2 additions and 1 deletions
--- a/common/framework/session.php
+++ b/common/framework/session.php
@ -202,9 +202,10 @@ class Session
 		}
 		
 		// If this is a new session, remove conflicting cookies.
-		if ($domain === null && !isset($_SESSION['conflict_clean']))
+		if ($cookie_exists && $domain === null && !isset($_SESSION['conflict_clean']))
 		{
 			self::destroyCookiesFromConflictingDomains(array(session_name(), 'rx_autologin', 'rx_sesskey1', 'rx_sesskey2'), true);
+			session_regenerate_id();
 			$_SESSION['conflict_clean'] = true;
 		}