diff --git a/lib/classes/session/manager.php b/lib/classes/session/manager.php
index c5e764ce9d9..a6715e86bec 100644
--- a/lib/classes/session/manager.php
+++ b/lib/classes/session/manager.php
@@ -271,8 +271,9 @@ class manager {
 // This should not happen, just log it, we MUST not produce any output here!
 error_log("Cannot find session record $sid for user ".$_SESSION['USER']->id.", creating new session.");
 }
+ // Prevent session fixation attacks.
+ session_regenerate_id(true);
 }
- session_regenerate_id(true);
 $_SESSION = array();
 }
 unset($sid);
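Review bot: `session_regenerate_id(true)` now runs only inside the inner block, whose condition lies outside this hunk, so on the other path `$_SESSION` is reset while the existing session id is kept. That is safe only if the skipped path is reached solely with an id the server has just issued itself; if an id presented by the client with no matching session record can reach it, the fixation defence named in the new comment no longer applies there. Please confirm this against the guard and say so in the comment, for example `// Sid has no session record and was not issued in this request: replace it to prevent session fixation.` (adjust to what the guard actually tests). The return value is also ignored: `session_regenerate_id()` returns false on failure, and reporting that through the `error_log()` already used here would keep a silent fallback to the old id visible without producing output. The enclosing method starts and ends outside the hunk.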