From 6cf335e8f6ce162642c5e565f43c0c161ace1dd2 Mon Sep 17 00:00:00 2001
From: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>
Date: Thu, 3 Feb 2011 22:08:03 +0000
Subject: protect login form submission from CSRF using a request token

git-svn-id: https://svn.roundcube.net/trunk@4490 208e9e7b-5314-0410-a742-e7e81cd9613c
---
 roundcubemail/program/include/rcube_session.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'roundcubemail/program/include')

diff --git a/roundcubemail/program/include/rcube_session.php b/roundcubemail/program/include/rcube_session.php
index 7384af39c..2bd663c83 100644
--- a/roundcubemail/program/include/rcube_session.php
+++ b/roundcubemail/program/include/rcube_session.php
@@ -253,6 +253,7 @@ class rcube_session
    */
   public function kill()
   {
+    $this->vars = false;
     $this->destroy(session_id());
     rcmail::setcookie($this->cookiename, '-del-', time() - 60);
   }
-- 
cgit v1.2.3