BUGFIX Session::destroy() should make use of setcookie() to remove the cookie from the user, unsetting the superglobal doesn't unset from the browser (from r91045)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@92450 467b73ca-7a2a-4603-9d3b-597d59a354a9
2024-06-29 16:09:23 +02:00 · 2009-11-21 01:40:50 +00:00 · 2009-11-21 01:40:50 +00:00 · 460380ecb2
commit 460380ecb2
parent 624ddc67cb
1 changed files with 4 additions and 1 deletions
--- a/core/Session.php
+++ b/core/Session.php
@ -224,7 +224,10 @@ class Session {
 	 */
 	public static function destroy($removeCookie = true) {
 		if(session_id()) {
-			if($removeCookie) unset($_COOKIE[session_name()]);
+			if($removeCookie) {
+				setcookie(session_name(), '');
+				unset($_COOKIE[session_name()]);
+			}
 			session_destroy();
 		}
 	}