From b0f8f47c24468ddac2583fa42e62dc90be3ea5b8 Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@startuperic.com>
Date: Tue, 3 Sep 2019 23:05:18 -0500
Subject: [PATCH] regenerate session id upon login

---
 login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/login.php b/login.php
index 8353eca0d..b64f59132 100644
--- a/login.php
+++ b/login.php
@@ -23,6 +23,7 @@ if ($_SERVER['REQUEST_URI'] == '/logout') {
             // Successful login
             $_SESSION['unraid_login'] = time();
             $_SESSION['unraid_user'] = $_POST['username'];
+            session_regenerate_id();
             session_write_close();
             header("Location: /".$var['START_PAGE']);
             exit;