Commit ce7b3c31 authored by Seblu's avatar Seblu

fix bad checking on authenticated user, this cause user not be delogged if lost ssl connexion.

parent 16cd098a
......@@ -29,7 +29,7 @@ if ($_SESSION["user_right"] == -1) {
}
// if user is logged and not use https, disconnect it!
if ($_SERVER['HTTPS'] != "on" && $user_id > 0)
if ($_SERVER['HTTPS'] != "on" && $_SESSION["user_id"] > 0)
userDisconnect();
?>
......
......@@ -194,8 +194,8 @@ return ($str);
// Disconnect user
function userDisconnect(){
$_SESSION["user_right"] = 0;
$_SESSION["user_id"] = 0;
$_SESSION["user_right"] = 0;
$_SESSION["user_id"] = 0;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment