source.dussan.org Git - nextcloud-server.git/commit

]> source.dussan.org Git - nextcloud-server.git/commit

projects / nextcloud-server.git / commit

author	Florian Preinstorfer <nblock@archlinux.us>
	Tue, 13 Mar 2012 15:00:53 +0000 (16:00 +0100)
committer	Robin Appelman <icewind@owncloud.com>
	Thu, 12 Apr 2012 17:15:38 +0000 (19:15 +0200)
commit	b86f2069ff1f434373c0babe0c28db5ee431498e
tree	3c593d0414194982d43f9b1007f86ec4285e1435	tree \| snapshot
parent	2f3c0a6d804609aa908b8e938943e3ab8679b0a9	commit \| diff

Fix a session fixation vulnerability

- regenerate the session for every successful login
- properly destroy a session

Further information can be found on:
https://en.wikipedia.org/wiki/session_fixation

lib/user.php

diff | blob | history

Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

RSS Atom