From 483155cf4c1e3068aaee0d44541dfa61f6223379 Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Mon, 27 Nov 2023 23:16:51 +0100
Subject: [PATCH] Prevent session fixation

---
 system/login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/system/login.php b/system/login.php
index d0e19efd..095b849c 100644
--- a/system/login.php
+++ b/system/login.php
@@ -94,6 +94,7 @@ else
 				&& (!isset($t) || $t['attempts'] < 5)
 				)
 			{
+				session_regenerate_id();
 				setSession('account', $account_logged->getId());
 				setSession('password', encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $login_password));
 				if($remember_me) {