From 0e6c059c857152a54cd55efc9b3afb04183baea3 Mon Sep 17 00:00:00 2001 From: Gunnar Wrobel Date: Tue, 30 Nov 2010 13:46:07 +0100 Subject: [PATCH] Exchange the session based logout token with the timestamped token variant as an example. --- framework/Core/lib/Horde/Registry.php | 2 +- horde/login.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php index 717b4ef9b..ec1b01fa2 100644 --- a/framework/Core/lib/Horde/Registry.php +++ b/framework/Core/lib/Horde/Registry.php @@ -1752,7 +1752,7 @@ class Horde_Registry ($options['app'] == 'horde') || ($options['reason'] == Horde_Auth::REASON_LOGOUT)) { $params = array( - 'horde_logout_token' => Horde::getRequestToken('horde.logout'), + 'horde_logout_token' => $GLOBALS['injector']->getInstance('Horde_Token')->get('horde.logout'), ); } else { $params = array( diff --git a/horde/login.php b/horde/login.php index d2fdfddfc..9d3ec6ddf 100644 --- a/horde/login.php +++ b/horde/login.php @@ -124,7 +124,7 @@ case Horde_Auth::REASON_LOGOUT: if ($logout_reason) { if ($is_auth) { try { - Horde::checkRequestToken('horde.logout', $vars->horde_logout_token); + $injector->getInstance('Horde_Token')->isValid($vars->horde_logout_token, 'horde.logout'); } catch (Horde_Exception $e) { $notification->push($e, 'horde.error'); require HORDE_BASE . '/index.php'; -- 2.11.0