Regenerate session ids.

This commit is contained in:
Robert Elder 2014-09-29 22:48:52 +00:00
parent 5a62611b00
commit 78cc43d33d
1 changed files with 2 additions and 0 deletions

View File

@ -56,6 +56,8 @@ class LoginController extends Zend_Controller_Action
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
// Regenerate session id on login to prevent session fixation.
Zend_Session::regenerateId();
//all info about this user from the login table omit only the password
$userInfo = $authAdapter->getResultRowObject(null, 'password');