From 4ad99f23ff7fcc9bdbd7428b9bb1ffaad31481e5 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Wed, 3 Apr 2013 19:16:59 +0400
Subject: [PATCH] deinitialize session in login_sequence() instead of
 sessions.php

---
 include/functions.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/include/functions.php b/include/functions.php
index c05ee0a4..05f184ea 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -754,6 +754,11 @@
 
 				if (!$_SESSION["uid"]) render_login_form($link);
 
+				@session_destroy();
+				setcookie(session_name(), '', time()-42000, '/');
+
+				exit;
+
 			} else {
 				/* bump login timestamp */
 				db_query($link, "UPDATE ttrss_users SET last_login = NOW() WHERE id = " .
-- 
2.39.2