From c4bfb69f24b4e7354825b44bbdda66d4e2b49cd8 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Thu, 6 Mar 2014 14:39:39 -0600
Subject: [PATCH] Don't recreate session on login

---
 include/class.auth.php | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/include/class.auth.php b/include/class.auth.php
index 812f66215..e7b299a98 100644
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -320,15 +320,6 @@ abstract class StaffAuthenticationBackend  extends AuthenticationBackend {
         $_SESSION['TZ_OFFSET'] = $staff->getTZoffset();
         $_SESSION['TZ_DST'] = $staff->observeDaylight();
 
-        //Regenerate session id.
-        $sid = session_id(); //Current id
-        session_regenerate_id(true);
-        // Destroy old session ID - needed for PHP version < 5.1.0
-        // DELME: remove when we move to php 5.3 as min. requirement.
-        if(($session=$ost->getSession()) && is_object($session)
-                && $sid!=session_id())
-            $session->destroy($sid);
-
         Signal::send('auth.login.succeeded', $staff);
 
         $staff->cancelResetTokens();
@@ -444,12 +435,6 @@ abstract class UserAuthenticationBackend  extends AuthenticationBackend {
                 $user->getUserName(), $user->getId(), $_SERVER['REMOTE_ADDR']);
         $ost->logDebug('User login', $msg);
 
-        //Regenerate session ID.
-        $sid=session_id(); //Current session id.
-        session_regenerate_id(TRUE); //get new ID.
-        if(($session=$ost->getSession()) && is_object($session) && $sid!=session_id())
-            $session->destroy($sid);
-
         return true;
     }
 
-- 
GitLab