|
4 | 4 | $username = domain_admin_sso('check', $_GET['sso_token']); |
5 | 5 |
|
6 | 6 | if ($username !== false) { |
7 | | - session_regenerate_id(); |
| 7 | + session_regenerate_id(true); |
8 | 8 | $_SESSION['mailcow_cc_username'] = $username; |
9 | 9 | $_SESSION['mailcow_cc_role'] = 'domainadmin'; |
10 | 10 | header('Location: /mailbox'); |
|
88 | 88 | $as = check_login($login_user, $_POST["pass_user"]); |
89 | 89 |
|
90 | 90 | if ($as == "admin") { |
91 | | - session_regenerate_id(); |
| 91 | + session_regenerate_id(true); |
92 | 92 | $_SESSION['mailcow_cc_username'] = $login_user; |
93 | 93 | $_SESSION['mailcow_cc_role'] = "admin"; |
94 | 94 | header("Location: /debug"); |
95 | 95 | die(); |
96 | 96 | } |
97 | 97 | elseif ($as == "domainadmin") { |
98 | | - session_regenerate_id(); |
| 98 | + session_regenerate_id(true); |
99 | 99 | $_SESSION['mailcow_cc_username'] = $login_user; |
100 | 100 | $_SESSION['mailcow_cc_role'] = "domainadmin"; |
101 | 101 | header("Location: /mailbox"); |
102 | 102 | die(); |
103 | 103 | } |
104 | 104 | elseif ($as == "user") { |
105 | | - session_regenerate_id(); |
| 105 | + session_regenerate_id(true); |
106 | 106 | $_SESSION['mailcow_cc_username'] = $login_user; |
107 | 107 | $_SESSION['mailcow_cc_role'] = "user"; |
108 | 108 | $http_parameters = explode('&', $_SESSION['index_query_string']); |
|
127 | 127 | unset($_SESSION['mailcow_cc_username']); |
128 | 128 | unset($_SESSION['mailcow_cc_role']); |
129 | 129 | } else { |
130 | | - session_regenerate_id(); |
| 130 | + session_regenerate_id(true); |
131 | 131 | } |
132 | 132 | } |
133 | 133 |
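Review bot: The role checks at lines 90, 97 and 104 still compare the result of check_login() with `==`, so the branches that now regenerate the session and set `mailcow_cc_role` depend on loose type juggling. If check_login() can ever return a non-string (for example `true`, or `0` on PHP 7), `$as == "admin"` evaluates to true. check_login() is not visible here, so this is a hardening point rather than a confirmed defect: use `if ($as === "admin") {` and do the same for `"domainadmin"` and `"user"`. Separately, the first hunk ends at `header('Location: /mailbox');` and does not show whether a `die();` follows as it does in the other branches; if it does not, the script keeps executing after the redirect. A short comment above the first call, such as `// delete the pre-login session so the old ID cannot be reused`, would record why `true` is passed.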
|
|