From d48698469a572f77eb556c1723e84bccc5d4393d Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Tue, 10 Feb 2009 11:02:57 +0100
Subject: do not close session in auth_logoff FS#1519

Ignore-this: b30b94c67baa8a8916dd216424e9473c

As auth_logoff is called very early for all not-logged in users it
prevented writing the breadcrumbs and might have broken some other
things relying on a open session at beginning of the script.

auth_logoff now makes sure the session is open but will not close
it.

Additionally the session is now explicitly closed before a redirect.

darcs-hash:20090210100257-7ad00-50470f18edb9fdbeb555fbf5d8a470a3b077915d.gz
---
 inc/auth.php | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'inc/auth.php')

diff --git a/inc/auth.php b/inc/auth.php
index fa087e8f6..e1f9029a9 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -276,7 +276,7 @@ function auth_logoff($keepbc=false){
   global $INFO, $ID;
   global $auth;
 
-  // reopen session
+  // make sure the session is writable (it usually is)
   @session_start();
 
   if(isset($_SESSION[DOKU_COOKIE]['auth']['user']))
@@ -300,9 +300,6 @@ function auth_logoff($keepbc=false){
   if($auth && $auth->canDo('logoff')){
     $auth->logOff();
   }
-
-  // close session again
-  session_write_close();
 }
 
 /**
-- 
cgit v1.2.3