tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

BUG Clean up the logOut and session destructon routines.

Browse Source
This commit is contained in:
Mateusz Uzdowski 2013-05-23 13:26:57 +12:00
parent ee784c3663
commit 2f7fd967b2
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
control/Session.php
View File

@ -528,10 +528,10 @@ class Session {
public static function destroy($removeCookie = true) {
if(session_id()) {
if($removeCookie) {
$path = Config::inst()->get('cookie_path');
$path = Config::inst()->get('Session', 'cookie_path');
if(!$path) $path = Director::baseURL();
$domain = Config::inst()->get('cookie_domain');
$secure = Config::inst()->get('cookie_secure');
$domain = Config::inst()->get('Session', 'cookie_domain');
$secure = Config::inst()->get('Session', 'cookie_secure');
if($domain) {
setcookie(session_name(), '', null, $path, $domain, $secure, true);
@ -542,7 +542,12 @@ class Session {
unset($_COOKIE[session_name()]);
}
session_destroy();
// Clean up the superglobal - session_destroy does not do it.
// http://nz1.php.net/manual/en/function.session-destroy.php
unset($_SESSION);
}
}

3
security/Member.php
View File

@ -447,7 +447,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
public function logOut() {
Session::clear("loggedInAs");
if(Member::config()->login_marker_cookie) Cookie::set(Member::config()->login_marker_cookie, null, 0);
self::session_regenerate_id();
Session::destroy();
$this->extend('memberLoggedOut');