From 99bab256b39a482a752b8338e927f3b79e8fd522 Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Sun, 5 Apr 2020 00:43:04 +0900
Subject: [PATCH] Regenerate session cookie after removing conflict

---
 common/framework/session.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/common/framework/session.php b/common/framework/session.php
index 45fd00aa8..a49c50a54 100644
--- a/common/framework/session.php
+++ b/common/framework/session.php
@@ -202,9 +202,10 @@ class Session
 		}
 		
 		// If this is a new session, remove conflicting cookies.
-		if ($domain === null && !isset($_SESSION['conflict_clean']))
+		if ($cookie_exists && $domain === null && !isset($_SESSION['conflict_clean']))
 		{
 			self::destroyCookiesFromConflictingDomains(array(session_name(), 'rx_autologin', 'rx_sesskey1', 'rx_sesskey2'), true);
+			session_regenerate_id();
 			$_SESSION['conflict_clean'] = true;
 		}