From 476999596804d660fe659974e2ade1739653bb3b Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@startuperic.com>
Date: Wed, 4 Sep 2019 00:12:09 -0500
Subject: [PATCH] regenerate session id upon logout

---
 login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/login.php b/login.php
index 31a039c45..9b588e4fe 100644
--- a/login.php
+++ b/login.php
@@ -12,6 +12,7 @@ if ($_SERVER['REQUEST_URI'] == '/logout') {
     // User Logout
     unset($_SESSION['unraid_login']);
     unset($_SESSION['unraid_user']);
+    session_regenerate_id();
     $error = 'Successfully logged out';
 } else if (!empty($_POST['username']) && !empty($_POST['password'])) {
     // User Login attempt