diff options
| author | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-02-08 08:19:18 +0000 |
|---|---|---|
| committer | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-02-08 08:19:18 +0000 |
| commit | c2d434ce7e208d9d316ca64f97190b9f09d1e35f (patch) | |
| tree | 955684c926eb1531e06432a77117453cc1e93f2b /roundcubemail/index.php | |
| parent | 7c95446d869d392f330f93cda8de91941c99d75b (diff) | |
Also check referer on logout action
git-svn-id: https://svn.roundcube.net/trunk@4504 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/index.php')
| -rw-r--r-- | roundcubemail/index.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/roundcubemail/index.php b/roundcubemail/index.php index f50cf2bb3..1b1522683 100644 --- a/roundcubemail/index.php +++ b/roundcubemail/index.php @@ -133,8 +133,8 @@ if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') { } } -// end session -else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id'])) { +// end session (after optional referer check) +else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id']) && (!$RCMAIL->config->get('referer_check') || rcube_check_referer())) { $userdata = array('user' => $_SESSION['username'], 'host' => $_SESSION['imap_host'], 'lang' => $RCMAIL->user->language); $OUTPUT->show_message('loggedout'); $RCMAIL->logout_actions(); |