1. when a user logs in it clears any obsolete
usr_session cookies for the user
2. recording the user-agent of the session
and if it changes to prompt the user to
login again
3. when self adding / editing email address(es)
send 2 emails
- one to the new email address asking user to confirm address
- and one to the primary email address to alert user
that a new email is being added to their account and
if this is bad how to contact their admin about the problem.
Reviewed: https:/ /reviews. mahara. org/8000 /git.mahara. org/mahara/ mahara/ commit/ 424ded281718e23 acfb08c4c0cc777 2b2bbd9585
Committed: https:/
Submitter: Robert Lyon (<email address hidden>)
Branch: 16.04_STABLE
commit 424ded281718e23 acfb08c4c0cc777 2b2bbd9585
Author: Cecilia Vela Gurovic <email address hidden>
Date: Wed Jul 5 13:16:07 2017 +1200
Security Bug 1701978: fix session cookie issues
1. when a user logs in it clears any obsolete
usr_session cookies for the user
2. recording the user-agent of the session
and if it changes to prompt the user to
login again
3. when self adding / editing email address(es)
send 2 emails
- one to the new email address asking user to confirm address
- and one to the primary email address to alert user
that a new email is being added to their account and
if this is bad how to contact their admin about the problem.
behatnotneeded 553b72aa8b1d58d 2a2634863b8
Change-Id: Ia44b66cf831abd