diff options
| author | thomascube <thomas@roundcube.net> | 2011-08-24 08:39:23 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2011-08-24 08:39:23 +0000 |
| commit | 886aafe167bde8b11ea923111d96636394983ffa (patch) | |
| tree | 3ac29325f15a80f9fc05f19ee7dce0347e8c95e9 /index.php | |
| parent | 0c7fe2fd97ecd1289a07a30bba728b304dc99bd2 (diff) | |
Don't rely on rcmail->task for session error check; use _REQUEST data instead
Diffstat (limited to 'index.php')
| -rw-r--r-- | index.php | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -155,7 +155,7 @@ else if ($RCMAIL->task != 'login' && $_SESSION['user_id'] && $RCMAIL->action != // not logged in -> show login page if (empty($RCMAIL->user->ID)) { // log session failures - if ($RCMAIL->task != 'login' && $RCMAIL->task != 'logout' && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) { + if (!in_array(get_input_value('_task', RCUBE_INPUT_GPC), array('login','logout')) && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) { $RCMAIL->session->log("Aborted session " . $sess_id . "; no valid session data found"); $session_error = true; } |