only destroy unlogged sessions

author: Andrew Dolgov <[email protected]> 2013-04-03 19:23:43 +0400
committer: Andrew Dolgov <[email protected]> 2013-04-03 19:23:43 +0400
commit: d0eef2a3b0569db718f43fd56ca11f85a93d64e9 (patch)
tree: 8f04a9aae2898af585aef32dda574be2cb36648d /include
parent: 4ad99f23ff7fcc9bdbd7428b9bb1ffaad31481e5 (diff)
1 files changed, 9 insertions, 7 deletions
diff --git a/include/functions.php b/include/functions.php
index 05f184eaf..f4f6ed209 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -744,7 +744,9 @@
 			cache_prefs($link);
 			load_user_plugins($link, $_SESSION["uid"]);
 		} else {
-			if (!$_SESSION["uid"] || !validate_session($link)) {
+			if (!validate_session($link)) $_SESSION["uid"] = false;
+
+			if (!$_SESSION["uid"]) {
 
 				if (AUTH_AUTO_LOGIN && authenticate_user($link, null, null)) {
 				    $_SESSION["ref_schema_version"] = get_schema_version($link, true);
@@ -752,12 +754,12 @@
 					 authenticate_user($link, null, null, true);
 				}
 
-				if (!$_SESSION["uid"]) render_login_form($link);
-
-				@session_destroy();
-				setcookie(session_name(), '', time()-42000, '/');
-
-				exit;
+				if (!$_SESSION["uid"]) {
+					render_login_form($link);
+					@session_destroy();
+					setcookie(session_name(), '', time()-42000, '/');
+					exit;
+				}
 
 			} else {
 				/* bump login timestamp */
author	Andrew Dolgov <[email protected]>	2013-04-03 19:23:43 +0400
committer	Andrew Dolgov <[email protected]>	2013-04-03 19:23:43 +0400
commit	d0eef2a3b0569db718f43fd56ca11f85a93d64e9 (patch)
tree	8f04a9aae2898af585aef32dda574be2cb36648d /include
parent	4ad99f23ff7fcc9bdbd7428b9bb1ffaad31481e5 (diff)