forked from extern/egroupware
only delete "Remember me" token on logout, if session is verified (user was logged in)
This commit is contained in:
parent
bf2e396486
commit
4fb6a89db8
11
logout.php
11
logout.php
@ -37,14 +37,13 @@ elseif(strpos($redirectTarget, '[?&]cd=') !== false)
|
||||
$redirectTarget = preg_replace('/([?&])cd=[^&]+/', '$1cd=1', $redirectTarget);
|
||||
}
|
||||
|
||||
// remove remember me cookie on explicit logout, unless it is a second factor
|
||||
if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
|
||||
{
|
||||
Api\Session::egw_setcookie('eGW_remember','',0,'/');
|
||||
}
|
||||
|
||||
if($verified)
|
||||
{
|
||||
// remove remember me cookie on explicit logout, unless it is a second factor
|
||||
if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
|
||||
{
|
||||
Api\Session::egw_setcookie('eGW_remember','',0,'/');
|
||||
}
|
||||
Api\Hooks::process('logout');
|
||||
$GLOBALS['egw']->session->destroy($GLOBALS['sessionid'],$GLOBALS['kp3']);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user