From: Andrew Dolgov <fox@fakecake.org>
Date: Wed, 3 Apr 2013 15:23:43 +0000 (+0400)
Subject: only destroy unlogged sessions
X-Git-Tag: 1.7.7~5
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=d0eef2a3b0569db718f43fd56ca11f85a93d64e9;p=tt-rss.git

only destroy unlogged sessions
---

diff --git a/include/functions.php b/include/functions.php
index 05f184ea..f4f6ed20 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -744,7 +744,9 @@
 			cache_prefs($link);
 			load_user_plugins($link, $_SESSION["uid"]);
 		} else {
-			if (!$_SESSION["uid"] || !validate_session($link)) {
+			if (!validate_session($link)) $_SESSION["uid"] = false;
+
+			if (!$_SESSION["uid"]) {
 
 				if (AUTH_AUTO_LOGIN && authenticate_user($link, null, null)) {
 				    $_SESSION["ref_schema_version"] = get_schema_version($link, true);
@@ -752,12 +754,12 @@
 					 authenticate_user($link, null, null, true);
 				}
 
-				if (!$_SESSION["uid"]) render_login_form($link);
-
-				@session_destroy();
-				setcookie(session_name(), '', time()-42000, '/');
-
-				exit;
+				if (!$_SESSION["uid"]) {
+					render_login_form($link);
+					@session_destroy();
+					setcookie(session_name(), '', time()-42000, '/');
+					exit;
+				}
 
 			} else {
 				/* bump login timestamp */