Use $GLOBALS['session']->destroy() instead of setting $_SESSION['current'] = "". Using "" means that $_SESSION['current']

could be set but be a string. Don't call addmsg() after logging out otherwise the session message will be lost and can show up for other users or be stuck in the database
2006-07-06 04:21:04 +00:00
parent 82b95b8f6d
commit 81057d13ab
2 changed files with 5 additions and 8 deletions
--- a/account.php
+++ b/account.php
@@ -58,10 +58,6 @@ function do_account($sCmd = null)
            if($_SESSION['current'])
                $_SESSION['current']->logout();

-            /* destroy all session variables */
-            $GLOBALS['session']->destroy();
-
-            addmsg("You are successfully logged out.", "green");
            redirect(apidb_fullurl("index.php"));
            exit;
    }