N°3333 Security hardening

2026-02-13 07:24:13 +01:00 · 2020-09-24 17:34:57 +02:00
parent 1e634a8bba
commit 45e366745d
1 changed files with 2 additions and 3 deletions
--- a/core/userrights.class.inc.php
+++ b/core/userrights.class.inc.php
@@ -1343,9 +1343,8 @@ class UserRights
 			// The bug has been fixed in PHP 7.2, but in case session_regenerate_id()
 			// fails we just silently ignore the error and keep the same session id...
 			$old_error_handler = set_error_handler(array(__CLASS__, 'VoidErrorHandler'));
-			session_regenerate_id();
-			if ($old_error_handler !== null)
-			{
+			session_regenerate_id(true);
+			if ($old_error_handler !== null) {
 				set_error_handler($old_error_handler);
 			}
 		}