regenerate session id upon login

2026-01-15 22:19:58 -06:00 · 2019-09-03 23:05:18 -05:00
parent c148ed30f7
commit b0f8f47c24
1 changed files with 1 additions and 0 deletions
--- a/login.php
+++ b/login.php
@@ -23,6 +23,7 @@ if ($_SERVER['REQUEST_URI'] == '/logout') {
            // Successful login
            $_SESSION['unraid_login'] = time();
            $_SESSION['unraid_user'] = $_POST['username'];
+            session_regenerate_id();
            session_write_close();
            header("Location: /".$var['START_PAGE']);
            exit;