Generate a new session id if the decrypting the session data fails

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2020-12-04 11:42:40 +01:00 committed by backportbot[bot]
parent 2ade35f6da
commit ca917c59e1
1 changed files with 1 additions and 0 deletions

View File

@ -87,6 +87,7 @@ class CryptoSessionData implements \ArrayAccess, ISession {
);
} catch (\Exception $e) {
$this->sessionValues = [];
$this->regenerateId(true, false);
}
}