summaryrefslogtreecommitdiffstats
path: root/system
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2014-11-04 11:28:57 +0100
committerAndrey Andreev <narf@devilix.net>2014-11-04 11:28:57 +0100
commitff37ffe164443e53b24d529f967a1bdf065bff3a (patch)
treead2d32848d386ea3675928869b4527ae48df0f46 /system
parent8e60b9a40a01a021e865b24e7d709e9e6ede0beb (diff)
#3073 (feature/session): Don't regenerate IDs on AJAX requests
Diffstat (limited to 'system')
-rw-r--r--system/libraries/Session/Session.php6
1 files changed, 5 insertions, 1 deletions
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index f250c3d64..bf11cd181 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -122,7 +122,11 @@ class CI_Session {
session_start();
- if (($regenerate_time = config_item('sess_time_to_update')) > 0)
+ // Is session ID auto-regeneration configured? (ignoring ajax requests)
+ if ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH'])
+ && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest'
+ && $regenerate_time = config_item('sess_time_to_update')) > 0
+ )
{
if ( ! isset($_SESSION['__ci_last_regenerate']))
{