From 6d4144c78d4756f3a51da8a1493d99a42c93b334 Mon Sep 17 00:00:00 2001
From: Skylar Ittner <admin@netsyms.com>
Date: Sat, 22 Dec 2018 22:55:05 -0700
Subject: [PATCH] Clear login session variables after success to prevent
 skipping username entry

---
 login/index.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/login/index.php b/login/index.php
index afd8921..b40942a 100644
--- a/login/index.php
+++ b/login/index.php
@@ -33,6 +33,11 @@ $error = "";
 
 function sendUserBack($code, $url, $uid) {
     global $database;
+    $_SESSION['check'] = null;
+    $_SESSION['thisstep'] = null;
+    $_SESSION['login_uid'] = null;
+    $_SESSION['login_code'] = null;
+    $_SESSION['login_pwd'] = null;
     $database->update("userloginkeys", ["uid" => $uid], ["key" => $code]);
     header("Location: $url");
     die("<a href=\"" . htmlspecialchars($url) . "\">Click here</a>");