Merge branch 'staging' into nightly

data/web/inc/triggers.inc.php

@@ -32,7 +32,7 @@ if (!empty($_GET['sso_token'])) {
   $username = domain_admin_sso('check', $_GET['sso_token']);
 
   if ($username !== false) {
-    session_regenerate_id();
+    session_regenerate_id(true);
     $_SESSION['mailcow_cc_username'] = $username;
     $_SESSION['mailcow_cc_role'] = 'domainadmin';
     header('Location: /mailbox');
@@ -139,14 +139,14 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
   $as = check_login($login_user, $_POST["pass_user"]);
 
 	if ($as == "admin") {
-    session_regenerate_id();
+    session_regenerate_id(true);
 		$_SESSION['mailcow_cc_username'] = $login_user;
 		$_SESSION['mailcow_cc_role'] = "admin";
 		header("Location: /debug");
     die();
 	}
 	elseif ($as == "domainadmin") {
-    session_regenerate_id();
+    session_regenerate_id(true);
 		$_SESSION['mailcow_cc_username'] = $login_user;
 		$_SESSION['mailcow_cc_role'] = "domainadmin";
 		header("Location: /mailbox");
@@ -154,7 +154,6 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
 	}
 	elseif ($as == "user") {
     set_user_loggedin_session($login_user);
-    session_regenerate_id();
     $http_parameters = explode('&', $_SESSION['index_query_string']);
     unset($_SESSION['index_query_string']);
     if (in_array('mobileconfig', $http_parameters)) {
@@ -187,7 +186,7 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
 		unset($_SESSION['mailcow_cc_username']);
 		unset($_SESSION['mailcow_cc_role']);
 	} else {
-    session_regenerate_id();
+    session_regenerate_id(true);
   }
 }