Commit ab1d68d1 authored by Dries's avatar Dries

- Patch #90612 by Bart Jansens: user_logout should only end the current session.

parent 47f527fb
......@@ -731,7 +731,7 @@ function _drupal_bootstrap($phase) {
case DRUPAL_BOOTSTRAP_SESSION:
require_once './includes/session.inc';
session_set_save_handler("sess_open", "sess_close", "sess_read", "sess_write", "sess_destroy", "sess_gc");
session_set_save_handler('sess_open', 'sess_close', 'sess_read', 'sess_write', 'sess_destroy_sid', 'sess_gc');
session_start();
break;
......
......@@ -125,13 +125,21 @@ function sess_count($timestamp = 0, $anonymous = true) {
/**
* Called by PHP session handling with the PHP session ID to end a user's session.
* Can also be called directly, either with the PHP session ID or another identifier
* such as uid to end a specific user's session.
*
* @param string $sid
* the session id
*/
function sess_destroy_sid($sid) {
db_query("DELETE FROM {sessions} WHERE sid = '%s'", $sid);
}
/**
* End a specific user's session
*
* @param string $uid
* the user id
*/
function sess_destroy($uid) {
function sess_destroy_uid($uid) {
db_query('DELETE FROM {sessions} WHERE uid = %d', $uid);
}
......
......@@ -148,7 +148,7 @@ function user_save($account, $array = array(), $category = 'account') {
// Delete a blocked user's sessions to kick them if they are online.
if (isset($array['status']) && $array['status'] == 0) {
sess_destroy($account->uid);
sess_destroy_uid($account->uid);
}
// Refresh user object
......@@ -1014,7 +1014,7 @@ function user_logout() {
watchdog('user', t('Session closed for %name.', array('%name' => $user->name)));
// Destroy the current session:
sess_destroy($user->uid);
session_destroy();
module_invoke_all('user', 'logout', NULL, $user);
// Load the anonymous user
......@@ -1444,7 +1444,7 @@ function user_confirm_delete($name, $uid) {
*/
function user_delete($edit, $uid) {
$account = user_load(array('uid' => $uid));
sess_destroy($uid);
sess_destroy_uid($uid);
db_query('DELETE FROM {users} WHERE uid = %d', $uid);
db_query('DELETE FROM {users_roles} WHERE uid = %d', $uid);
db_query('DELETE FROM {authmap} WHERE uid = %d', $uid);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment