-
Sub-task
-
Resolution: Won't Fix
-
Minor
-
None
-
2.0
-
None
-
MOODLE_20_STABLE
if(empty($_COOKIE) && isset($_GET['sessionid']) && isset($_GET['sessioncookie']) && isset($_GET['sessiontest'])) {
$_COOKIE['MoodleSession' . $_GET['sessioncookie']] = $_GET['sessionid'];
$_COOKIE['MoodleSessionTest' . $_GET['sessioncookie']] = $_GET['sessiontest'];
$cookiewasset = true;
}
require_once '../../../config.php';
breaks our session fixation prevention in setup.php, we can not send cookies this way