From 4ad99f23ff7fcc9bdbd7428b9bb1ffaad31481e5 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 3 Apr 2013 19:16:59 +0400 Subject: [PATCH] deinitialize session in login_sequence() instead of sessions.php --- include/functions.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/functions.php b/include/functions.php index c05ee0a4..05f184ea 100644 --- a/include/functions.php +++ b/include/functions.php @@ -754,6 +754,11 @@ if (!$_SESSION["uid"]) render_login_form($link); + @session_destroy(); + setcookie(session_name(), '', time()-42000, '/'); + + exit; + } else { /* bump login timestamp */ db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .