Exchange the session based logout token with the timestamped token variant as an...

author Gunnar Wrobel <p@rdus.de>

Tue, 30 Nov 2010 12:46:07 +0000 (13:46 +0100)

committer Gunnar Wrobel <p@rdus.de>

Tue, 30 Nov 2010 12:48:29 +0000 (13:48 +0100)
author Gunnar Wrobel <p@rdus.de>
Tue, 30 Nov 2010 12:46:07 +0000 (13:46 +0100)
committer Gunnar Wrobel <p@rdus.de>
Tue, 30 Nov 2010 12:48:29 +0000 (13:48 +0100)
diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php

index 717b4ef..ec1b01f 100644 (file)
--- a/framework/Core/lib/Horde/Registry.php
+++ b/framework/Core/lib/Horde/Registry.php
@@ -1752,7 +1752,7 @@ class Horde_Registry
              ($options['app'] == 'horde') ||
              ($options['reason'] == Horde_Auth::REASON_LOGOUT)) {
              $params = array(
-                'horde_logout_token' => Horde::getRequestToken('horde.logout'),
+                'horde_logout_token' => $GLOBALS['injector']->getInstance('Horde_Token')->get('horde.logout'),
              );
          } else {
              $params = array(
diff --git a/horde/login.php b/horde/login.php

index d2fdfdd..9d3ec6d 100644 (file)
--- a/horde/login.php
+++ b/horde/login.php
@@ -124,7 +124,7 @@ case Horde_Auth::REASON_LOGOUT:
  if ($logout_reason) {
      if ($is_auth) {
          try {
-            Horde::checkRequestToken('horde.logout', $vars->horde_logout_token);
+            $injector->getInstance('Horde_Token')->isValid($vars->horde_logout_token, 'horde.logout');
          } catch (Horde_Exception $e) {
              $notification->push($e, 'horde.error');
              require HORDE_BASE . '/index.php';
author	Gunnar Wrobel <p@rdus.de>
	Tue, 30 Nov 2010 12:46:07 +0000 (13:46 +0100)
committer	Gunnar Wrobel <p@rdus.de>
	Tue, 30 Nov 2010 12:48:29 +0000 (13:48 +0100)
framework/Core/lib/Horde/Registry.php		patch \| blob \| history
horde/login.php		patch \| blob \| history