BUG Clean up the logOut and session destructon routines.

This commit is contained in:
Mateusz Uzdowski 2013-05-23 13:26:57 +12:00
parent ee784c3663
commit 2f7fd967b2
2 changed files with 13 additions and 7 deletions

View File

@ -528,10 +528,10 @@ class Session {
public static function destroy($removeCookie = true) { public static function destroy($removeCookie = true) {
if(session_id()) { if(session_id()) {
if($removeCookie) { if($removeCookie) {
$path = Config::inst()->get('cookie_path'); $path = Config::inst()->get('Session', 'cookie_path');
if(!$path) $path = Director::baseURL(); if(!$path) $path = Director::baseURL();
$domain = Config::inst()->get('cookie_domain'); $domain = Config::inst()->get('Session', 'cookie_domain');
$secure = Config::inst()->get('cookie_secure'); $secure = Config::inst()->get('Session', 'cookie_secure');
if($domain) { if($domain) {
setcookie(session_name(), '', null, $path, $domain, $secure, true); setcookie(session_name(), '', null, $path, $domain, $secure, true);
@ -542,7 +542,12 @@ class Session {
unset($_COOKIE[session_name()]); unset($_COOKIE[session_name()]);
} }
session_destroy(); session_destroy();
// Clean up the superglobal - session_destroy does not do it.
// http://nz1.php.net/manual/en/function.session-destroy.php
unset($_SESSION);
} }
} }

View File

@ -447,7 +447,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
public function logOut() { public function logOut() {
Session::clear("loggedInAs"); Session::clear("loggedInAs");
if(Member::config()->login_marker_cookie) Cookie::set(Member::config()->login_marker_cookie, null, 0); if(Member::config()->login_marker_cookie) Cookie::set(Member::config()->login_marker_cookie, null, 0);
self::session_regenerate_id();
Session::destroy();
$this->extend('memberLoggedOut'); $this->extend('memberLoggedOut');