From 984ce9529c926c884136780d017ae90f0b82b54b Mon Sep 17 00:00:00 2001
From: Dan McGee <dan@archlinux.org>
Date: Tue, 1 Mar 2011 09:24:34 -0600
Subject: Improve cookie handling

* Remove comment that is mostly bogus- the domain is automatically set.
* When logging out, don't delete the language cookie.
* Make the language cookie persistent.
* Use the minimal time possible to expire cookies; no need to compute
  anything.

Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/html/logout.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'web/html/logout.php')

diff --git a/web/html/logout.php b/web/html/logout.php
index 14c652e2..95cf4600 100644
--- a/web/html/logout.php
+++ b/web/html/logout.php
@@ -14,8 +14,9 @@ if (isset($_COOKIE["AURSID"])) {
 	$q = "DELETE FROM Sessions WHERE SessionID = '";
 	$q.= mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
 	db_query($q, $dbh);
-	setcookie("AURSID", "", time() - (60*60*24*30), "/");
-	setcookie("AURLANG", "", time() - (60*60*24*30), "/");
+	# setting expiration to 1 means '1 second after midnight January 1, 1970'
+	setcookie("AURSID", "", 1, "/");
+	unset($_COOKIE['AURSID']);
 }
 
 clear_expired_sessions();
-- 
cgit v1.2.3-24-g4f1b