From: Michael M Slusarz <slusarz@curecanti.org>
Date: Wed, 11 Aug 2010 05:35:24 +0000 (-0600)
Subject: Bug #7669: On invalid token during logout, redirect to initial page
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=7c61bc0e09925169c1f4007253abbde4281bd98d;p=horde.git

Bug #7669: On invalid token during logout, redirect to initial page
---

diff --git a/horde/docs/CHANGES b/horde/docs/CHANGES
index 3e120fd41..8f713c961 100644
--- a/horde/docs/CHANGES
+++ b/horde/docs/CHANGES
@@ -45,7 +45,8 @@ v4.0-cvs
 v3.3.9-cvs
 ----------
 
-[mjr] Don't allow fixed blocks to be changed to another type (Bug: 9141).
+[mms] On invalid token during logout, redirect to initial page (Bug #7669).
+[mjr] Don't allow fixed blocks to be changed to another type (Bug #9141).
 [jan] Show future alarms in the alarm management screen too.
 [mjr] Fix bug in Horde_Cache that would prevent cache entries from being
       expired in certain cases, and prevent cache key collisions.
diff --git a/horde/login.php b/horde/login.php
index c9eb7f4e4..7800d6ab6 100644
--- a/horde/login.php
+++ b/horde/login.php
@@ -145,7 +145,13 @@ if ($vars->url) {
 $error_reason = $vars->logout_reason;
 if ($error_reason) {
     if ($is_auth) {
-        Horde::checkRequestToken('horde.logout', $vars->horde_logout_token);
+        try {
+            Horde::checkRequestToken('horde.logout', $vars->horde_logout_token);
+        } catch (Horde_Exception $e) {
+            $notification->push($e, 'horde.error');
+            require HORDE_BASE . '/index.php';
+            exit;
+        }
         $is_auth = null;
     }