aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/sessions.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/sessions.php')
-rw-r--r--engine/lib/sessions.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index 92aeb92a2..c6ae6f8d4 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -127,7 +127,10 @@
unset($_SESSION['user']);
setcookie("elggperm", "", (time()-(86400 * 30)),"/");
return false;
- }
+ }
+
+ // Users privilege has been elevated, so change the session id (help prevent session hijacking)
+ session_regenerate_id();
return true;
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-28 23:53:17 +0000