From ff37ffe164443e53b24d529f967a1bdf065bff3a Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 4 Nov 2014 12:28:57 +0200 Subject: #3073 (feature/session): Don't regenerate IDs on AJAX requests --- system/libraries/Session/Session.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'system/libraries/Session') diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php index f250c3d64..bf11cd181 100644 --- a/system/libraries/Session/Session.php +++ b/system/libraries/Session/Session.php @@ -122,7 +122,11 @@ class CI_Session { session_start(); - if (($regenerate_time = config_item('sess_time_to_update')) > 0) + // Is session ID auto-regeneration configured? (ignoring ajax requests) + if ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) + && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest' + && $regenerate_time = config_item('sess_time_to_update')) > 0 + ) { if ( ! isset($_SESSION['__ci_last_regenerate'])) { -- cgit v1.2.3-24-g4f1b