Skip to content

Commit

Permalink
[Web] Delete old session_id after regenerate
Browse files Browse the repository at this point in the history
  • Loading branch information
@FreddleSpl0it
FreddleSpl0it committed Jan 23, 2025
1 parent 43f945f commit da02e26
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions data/web/inc/triggers.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
$username = domain_admin_sso('check', $_GET['sso_token']);

if ($username !== false) {
session_regenerate_id();
session_regenerate_id(true);
$_SESSION['mailcow_cc_username'] = $username;
$_SESSION['mailcow_cc_role'] = 'domainadmin';
header('Location: /mailbox');
Expand Down Expand Up @@ -88,21 +88,21 @@
$as = check_login($login_user, $_POST["pass_user"]);

if ($as == "admin") {
session_regenerate_id();
session_regenerate_id(true);
$_SESSION['mailcow_cc_username'] = $login_user;
$_SESSION['mailcow_cc_role'] = "admin";
header("Location: /debug");
die();
}
elseif ($as == "domainadmin") {
session_regenerate_id();
session_regenerate_id(true);
$_SESSION['mailcow_cc_username'] = $login_user;
$_SESSION['mailcow_cc_role'] = "domainadmin";
header("Location: /mailbox");
die();
}
elseif ($as == "user") {
session_regenerate_id();
session_regenerate_id(true);
$_SESSION['mailcow_cc_username'] = $login_user;
$_SESSION['mailcow_cc_role'] = "user";
$http_parameters = explode('&', $_SESSION['index_query_string']);
Expand All @@ -127,7 +127,7 @@
unset($_SESSION['mailcow_cc_username']);
unset($_SESSION['mailcow_cc_role']);
} else {
session_regenerate_id();
session_regenerate_id(true);
}
}

Expand Down

0 comments on commit da02e26

Please sign in to comment.