From 77f5ea733b8435b719e170d7fcc0ca91b2b9781c Mon Sep 17 00:00:00 2001 From: joaosantos81 Date: Mon, 14 Nov 2011 09:44:46 +0000 Subject: [PATCH] Fix for bug when destroying a session with a domain cookie. See http://www.silverstripe.org/general-questions/show/18539 for more details --- control/Session.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/control/Session.php b/control/Session.php index be2fa25fb..b77cbeb05 100644 --- a/control/Session.php +++ b/control/Session.php @@ -448,7 +448,17 @@ class Session { public static function destroy($removeCookie = true) { if(session_id()) { if($removeCookie) { - setcookie(session_name(), ''); + $path = self::get_cookie_path(); + $domain = self::get_cookie_domain(); + $secure = self::get_cookie_secure(); + + if($domain) { + setcookie(session_name(), '', null, $path, $domain, $secure, true); + } + else { + setcookie(session_name(), '', null, $path, null, $secure, true); + } + unset($_COOKIE[session_name()]); } session_destroy();