Generate new token on forcible generating of session id.

2010-08-17 15:30:47 +02:00
parent 9e2a3f207b
commit e8cf1ac677
1 changed files with 2 additions and 1 deletions
--- a/libraries/session.inc.php
+++ b/libraries/session.inc.php
@@ -101,5 +101,6 @@ function PMA_secureSession()
 {
    // prevent session fixation and XSS
    session_regenerate_id(true);
+    $_SESSION[' PMA_token '] = md5(uniqid(rand(), true));
 }
-?>
+?>