Skip to content
Permalink
Browse files

only delete "Remember me" token on logout, if session is verified (us…

…er was logged in)
  • Loading branch information
ralfbecker committed Aug 6, 2019
1 parent bf2e396 commit 4fb6a89db807562b650e3dca23f11caf6613b984
Showing with 5 additions and 6 deletions.
  1. +5 −6 logout.php
@@ -37,14 +37,13 @@
$redirectTarget = preg_replace('/([?&])cd=[^&]+/', '$1cd=1', $redirectTarget);
}

// remove remember me cookie on explicit logout, unless it is a second factor
if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
{
Api\Session::egw_setcookie('eGW_remember','',0,'/');
}

if($verified)
{
// remove remember me cookie on explicit logout, unless it is a second factor
if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
{
Api\Session::egw_setcookie('eGW_remember','',0,'/');
}
Api\Hooks::process('logout');
$GLOBALS['egw']->session->destroy($GLOBALS['sessionid'],$GLOBALS['kp3']);
}

0 comments on commit 4fb6a89

Please sign in to comment.
You can’t perform that action at this time.