From d48698469a572f77eb556c1723e84bccc5d4393d Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Tue, 10 Feb 2009 11:02:57 +0100
Subject: do not close session in auth_logoff FS#1519

Ignore-this: b30b94c67baa8a8916dd216424e9473c

As auth_logoff is called very early for all not-logged in users it
prevented writing the breadcrumbs and might have broken some other
things relying on a open session at beginning of the script.

auth_logoff now makes sure the session is open but will not close
it.

Additionally the session is now explicitly closed before a redirect.

darcs-hash:20090210100257-7ad00-50470f18edb9fdbeb555fbf5d8a470a3b077915d.gz
---
 inc/common.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'inc/common.php')

diff --git a/inc/common.php b/inc/common.php
index 817e416b0..46d0002df 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -1463,6 +1463,9 @@ function is_mem_available($mem,$bytes=1048576){
  * @author Andreas Gohr <andi@splitbrain.org>
  */
 function send_redirect($url){
+    // always close the session
+    session_write_close();
+
     // check if running on IIS < 6 with CGI-PHP
     if( isset($_SERVER['SERVER_SOFTWARE']) && isset($_SERVER['GATEWAY_INTERFACE']) &&
         (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== false) &&
-- 
cgit v1.2.3