* To support custom PHP sessions, s9y will only issue session_start,

if no session exists yet (garvinhicking)
2010-01-20 09:45:48 +00:00
parent d29998d65e
commit 757c557b6b
2 changed files with 4 additions and 1 deletions
--- a/serendipity_config.inc.php
+++ b/serendipity_config.inc.php
@ -12,8 +12,8 @@ if (!headers_sent()) {
    // Only set the session name, if no session has yet been issued.
    if (session_id() == '') {
        session_name('s9y_' . md5(dirname(__FILE__)));
+        session_start();
    }
-    session_start();
    
    // Prevent session fixation by only allowing sessions that have been sent by the server.
    // Any session that does not contain our unique token will be regarded as foreign/fixated