From b3e6891802bc16a039e44033861fed71a20731c5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 12 Dec 2025 15:53:53 +0000
Subject: [PATCH] Fix session handling - explicitly start session after destroy

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
---
 data/web/inc/sessions.inc.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php
index da820730c..e3ce674d8 100644
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@@ -43,6 +43,7 @@ if (!isset($_SESSION['SESS_REMOTE_UA'])) {
 if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > $SESSION_LIFETIME)) {
   session_unset();
   session_destroy();
+  session_start();
   // After destroying session, we need to reset the User-Agent for the new session
   $_SESSION['SESS_REMOTE_UA'] = $_SERVER['HTTP_USER_AGENT'];
 }