diff options
author | Andrey Andreev <narf@devilix.net> | 2014-11-04 11:28:57 +0100 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2014-11-04 11:28:57 +0100 |
commit | ff37ffe164443e53b24d529f967a1bdf065bff3a (patch) | |
tree | ad2d32848d386ea3675928869b4527ae48df0f46 /system | |
parent | 8e60b9a40a01a021e865b24e7d709e9e6ede0beb (diff) |
#3073 (feature/session): Don't regenerate IDs on AJAX requests
Diffstat (limited to 'system')
-rw-r--r-- | system/libraries/Session/Session.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index f250c3d64..bf11cd181 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -122,7 +122,11 @@ class CI_Session { session_start(); - if (($regenerate_time = config_item('sess_time_to_update')) > 0) + // Is session ID auto-regeneration configured? (ignoring ajax requests) + if ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) + && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest' + && $regenerate_time = config_item('sess_time_to_update')) > 0 + ) { if ( ! isset($_SESSION['__ci_last_regenerate'])) { |