diff options
author | Andrew Dolgov <[email protected]> | 2013-04-03 19:23:43 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2013-04-03 19:23:43 +0400 |
commit | d0eef2a3b0569db718f43fd56ca11f85a93d64e9 (patch) | |
tree | 8f04a9aae2898af585aef32dda574be2cb36648d /include | |
parent | 4ad99f23ff7fcc9bdbd7428b9bb1ffaad31481e5 (diff) |
only destroy unlogged sessions
Diffstat (limited to 'include')
-rw-r--r-- | include/functions.php | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/include/functions.php b/include/functions.php index 05f184eaf..f4f6ed209 100644 --- a/include/functions.php +++ b/include/functions.php @@ -744,7 +744,9 @@ cache_prefs($link); load_user_plugins($link, $_SESSION["uid"]); } else { - if (!$_SESSION["uid"] || !validate_session($link)) { + if (!validate_session($link)) $_SESSION["uid"] = false; + + if (!$_SESSION["uid"]) { if (AUTH_AUTO_LOGIN && authenticate_user($link, null, null)) { $_SESSION["ref_schema_version"] = get_schema_version($link, true); @@ -752,12 +754,12 @@ authenticate_user($link, null, null, true); } - if (!$_SESSION["uid"]) render_login_form($link); - - @session_destroy(); - setcookie(session_name(), '', time()-42000, '/'); - - exit; + if (!$_SESSION["uid"]) { + render_login_form($link); + @session_destroy(); + setcookie(session_name(), '', time()-42000, '/'); + exit; + } } else { /* bump login timestamp */ |