ifl/iflrandevu
1
1
Fork 0
forked from mirrors/easyappointments
Code Issues 6 Pull requests Releases 3 Activity

Regenerate the session ID after logging in to avoid Session Fixation attacks

Browse source
This commit is contained in:
Alex Tselegidis 2023-04-15 14:46:30 +02:00
parent 75b2473576
commit 7f37350fab
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
application/controllers/Login.php
View file

@ -76,6 +76,8 @@ class Login extends EA_Controller {
{ {
throw new InvalidArgumentException('Invalid credentials provided, please try again.'); throw new InvalidArgumentException('Invalid credentials provided, please try again.');
} }
$this->session->sess_regenerate();
session($user_data); // Save data in the session. session($user_data); // Save data in the session.