From 2dbc8cf3a51a45efdcbc323f46ed0b3b366c0f72 Mon Sep 17 00:00:00 2001
From: jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Date: Tue, 15 Dec 2009 16:20:54 +0000
Subject: [PATCH] Remove old session ID from URL

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1268 7c3ca157-0c34-0410-bff1-cbf682f78f5c
---
 adminer/include/auth.inc.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index a5c7d7b6..9f3d854c 100644
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -4,9 +4,10 @@ if (isset($_POST["server"])) {
 	$_SESSION["usernames"][$_POST["server"]] = $_POST["username"];
 	$_SESSION["passwords"][$_POST["server"]] = $_POST["password"];
 	if (count($_POST) == 3) { // 3 - count($ignore)
-		$location = ((string) $_GET["server"] === $_POST["server"] ? remove_from_uri() : preg_replace('~^([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . (strlen($_POST["server"]) ? '?server=' . urlencode($_POST["server"]) : ''));
-		if (!isset($_COOKIE[session_name()])) {
-			$location .= (strpos($location, "?") === false ? "?" : "&") . SID;
+		$location = ((string) $_GET["server"] === $_POST["server"] ? remove_from_uri(session_name()) : preg_replace('~^([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . (strlen($_POST["server"]) ? '?server=' . urlencode($_POST["server"]) : ''));
+		if (SID) {
+			$pos = strpos($location, '?');
+			$location = ($pos ? substr_replace($location, SID . "&", $pos + 1, 0) : "$location?" . SID);
 		}
 		redirect($location);
 	}