diff options
author | thomascube <thomas@roundcube.net> | 2011-02-08 08:19:18 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2011-02-08 08:19:18 +0000 |
commit | de62f02eed97d533ab9cf187c80125297e025065 (patch) | |
tree | 1defeff31a0d7612ea7f9fc1cb7a393c13b31d31 /index.php | |
parent | a77cf2292b1b5e010172b572f618aef78795456b (diff) |
Also check referer on logout action
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -133,8 +133,8 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { } } -// end session -else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id'])) { +// end session (after optional referer check) +else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id']) && (!$RCMAIL->config->get('referer_check') || rcube_check_referer())) { $userdata = array('user' => $_SESSION['username'], 'host' => $_SESSION['imap_host'], 'lang' => $RCMAIL->user->language); $OUTPUT->show_message('loggedout'); $RCMAIL->logout_actions(); |