extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-21 15:33:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

only delete "Remember me" token on logout, if session is verified (user was logged in)

Browse Source
This commit is contained in:
Ralf Becker 2019-08-06 09:59:08 +02:00
parent bf2e396486
commit 4fb6a89db8
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
logout.php
View File

@ -37,14 +37,13 @@ elseif(strpos($redirectTarget, '[?&]cd=') !== false)
$redirectTarget = preg_replace('/([?&])cd=[^&]+/', '$1cd=1', $redirectTarget);
}
// remove remember me cookie on explicit logout, unless it is a second factor
if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
{
Api\Session::egw_setcookie('eGW_remember','',0,'/');
}
if($verified)
{
// remove remember me cookie on explicit logout, unless it is a second factor
if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
{
Api\Session::egw_setcookie('eGW_remember','',0,'/');
}
Api\Hooks::process('logout');
$GLOBALS['egw']->session->destroy($GLOBALS['sessionid'],$GLOBALS['kp3']);
}