Merge pull request #68 from RobertElder/session

Regenerate session ids.
This commit is contained in:
dpsommer 2014-10-07 10:10:41 -04:00
commit 5cc93eac3c
1 changed files with 2 additions and 0 deletions

View File

@ -56,6 +56,8 @@ class LoginController extends Zend_Controller_Action
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
// Regenerate session id on login to prevent session fixation.
Zend_Session::regenerateId();
//all info about this user from the login table omit only the password
$userInfo = $authAdapter->getResultRowObject(null, 'password');