From cf264e0d165647f30efdef1b2d944849bebf4c72 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@bofh.bg>
Date: Thu, 18 Oct 2012 16:14:51 +0300
Subject: Fix Session cookies not being encrypted on creation and
 sess_destroy() not actually deleting cookies

---
 system/libraries/Session/drivers/Session_cookie.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/libraries/Session/drivers')

diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 51d94da4e..8617aec2d 100755
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -308,7 +308,7 @@ class CI_Session_cookie extends CI_Session_driver {
 		}
 
 		// Kill the cookie
-		$this->_setcookie($this->sess_cookie_name, addslashes(serialize(array())), ($this->now - 31500000),
+		$this->_setcookie($this->sess_cookie_name, '', ($this->now - 31500000),
 			$this->cookie_path, $this->cookie_domain, 0);
 
 		// Kill session data
@@ -664,7 +664,7 @@ class CI_Session_cookie extends CI_Session_driver {
 
 		if ($this->sess_encrypt_cookie === TRUE)
 		{
-			$this->CI->encrypt->encode($cookie_data);
+			$cookie_data = $this->CI->encrypt->encode($cookie_data);
 		}
 
 		// Require message authentication
-- 
cgit v1.2.3-24-g4f1b