Révision ff9b30ec
Ajouté par Renato Botelho il y a presque 10 ans
| etc/inc/auth.inc | ||
|---|---|---|
| 1361 | 1361 |
$authcfg = auth_get_authserver($config['system']['webgui']['authmode']); |
| 1362 | 1362 |
if (authenticate_user($_POST['usernamefld'], $_POST['passwordfld'], $authcfg) || |
| 1363 | 1363 |
authenticate_user($_POST['usernamefld'], $_POST['passwordfld'])) {
|
| 1364 |
session_regenerate_id(); |
|
| 1364 | 1365 |
$_SESSION['Logged_In'] = "True"; |
| 1365 | 1366 |
$_SESSION['Username'] = $_POST['usernamefld']; |
| 1366 | 1367 |
$_SESSION['last_access'] = time(); |
Formats disponibles : Unified diff
Re-generate session ID on a successful login to avoid session fixation