From 45e366745d641c8e7e28f51028ff16a24f858e19 Mon Sep 17 00:00:00 2001 From: Pierre Goiffon Date: Thu, 24 Sep 2020 17:34:57 +0200 Subject: [PATCH] =?UTF-8?q?N=C2=B03333=20Security=20hardening?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/userrights.class.inc.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/core/userrights.class.inc.php b/core/userrights.class.inc.php index 5c746bbb1..12a936787 100644 --- a/core/userrights.class.inc.php +++ b/core/userrights.class.inc.php @@ -1343,9 +1343,8 @@ class UserRights // The bug has been fixed in PHP 7.2, but in case session_regenerate_id() // fails we just silently ignore the error and keep the same session id... $old_error_handler = set_error_handler(array(__CLASS__, 'VoidErrorHandler')); - session_regenerate_id(); - if ($old_error_handler !== null) - { + session_regenerate_id(true); + if ($old_error_handler !== null) { set_error_handler($old_error_handler); } }