From: Andrew Dolgov Date: Mon, 15 Oct 2018 11:53:35 +0000 (+0300) Subject: if empty session is autostarted because of a cookie, immediately destroy it X-Git-Tag: 18.12~60 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=74736fce0f89efbaa971e6817303e8840c4aed8f;p=tt-rss.git if empty session is autostarted because of a cookie, immediately destroy it --- diff --git a/include/sessions.php b/include/sessions.php index f625cd16..2d17bfd8 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -160,5 +160,9 @@ if (!defined('NO_SESSION_AUTOSTART')) { if (isset($_COOKIE[session_name()])) { @session_start(); + + if (!$_SESSION['uid']) { + logout_user(); + } } }