From c423c93da8f503bbecf9e22686d9746fa278c5dc Mon Sep 17 00:00:00 2001
From: Thibault Dockx <dockx.thibault@gmail.com>
Date: Tue, 12 Jul 2022 15:06:18 +0100
Subject: [PATCH] :ambulance: Fix(Index.php) Session ID renew after login

Fix session ID is now renewed after proper login
---
 html/index.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/html/index.php b/html/index.php
index 304e73ced..a72e361f9 100644
--- a/html/index.php
+++ b/html/index.php
@@ -408,6 +408,10 @@ class Index {
 
     if ($success) {
       /* Everything went well, redirect to main.php */
+
+      //Regenerate after login in order to avoid session fixation issues (vuln),
+      session_regenerate_id();
+
       static::redirect();
     }
   }
-- 
GitLab