claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use $GLOBALS['session']->destroy() instead of setting $_SESSION['current'] = "". Using "" means that $_SESSION['current']

Browse Source 
could be set but be a string. Don't call addmsg() after logging out otherwise the session message will be lost and can
show up for other users or be stuck in the database
This commit is contained in:
Chris Morgan
2006-07-06 04:21:04 +00:00
committed by WineHQ
parent 82b95b8f6d
commit 81057d13ab
2 changed files with 5 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
include/user.php
View File

@@ -82,15 +82,16 @@ class User {
return SUCCESS;
}
/* null out the session variable for the current user since we failed to login */
$_SESSION['current'] = "";
/* destroy all session variables since we failed to login */
$GLOBALS['session']->destroy();
return USER_LOGIN_FAILED;
}
function logout()
{
/* null out the session current variable to log us out */
$_SESSION['current'] = "";
/* destroy all session variables since we are logging out */
$GLOBALS['session']->destroy();
}