Destroy session when it becomes invalid

2017-05-14 21:53:08 +02:00 · 2017-05-14 21:53:08 +02:00 · 49f28ecaf8
commit 49f28ecaf8
parent 3ab77b1303
1 changed files with 5 additions and 1 deletions
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@ -54,5 +54,9 @@ function session_check() {
  return true;
 }
 if (isset($_SESSION['mailcow_cc_role']) && session_check() === false) {
-  exit("Invalid session");
+  session_regenerate_id(true);
+  session_unset();
+  session_destroy();
+  session_write_close();
+  header("Location: /");
 }