You are here

function _bakery_user_logout in Bakery Single Sign-On System 7.3

Same name and namespace in other branches
  1. 7.4 bakery.module \_bakery_user_logout()
  2. 7.2 bakery.module \_bakery_user_logout()

Custom logout function modified from user_logout.

2 calls to _bakery_user_logout()
bakery_boot in ./bakery.module
Implements hook_boot().
_bakery_handle_sso in ./bakery.module
Authenticate from valid SSO cookie.

File

./bakery.module, line 926

Code

function _bakery_user_logout() {
  global $user;
  watchdog('user', 'Session closed for %name.', array(
    '%name' => $user->name,
  ));

  // Destroy the current session:
  session_destroy();
  module_invoke_all('user_logout', $user);

  // Load the anonymous user
  $user = drupal_anonymous_user();

  // We want to redirect the user to his original destination.
  $get = $_GET;
  $destination = !empty($get['q']) ? $get['q'] : '';
  unset($get['q']);

  // We append a GET parameter so that the browser reloads the page.
  $get['no_cache'] = time();

  // Build the URL we'll redirect to. We set alias to TRUE so as not to try and
  // hit the unavailable database looking for an alias.
  $url = url($destination, array(
    'query' => $get,
    'absolute' => TRUE,
    'alias' => TRUE,
  ));

  // Remove newlines from the URL to avoid header injection attacks.
  $url = str_replace(array(
    "\n",
    "\r",
  ), '', $url);

  // We can't use drupal_goto because it assumes it's in a later boot phase. Set
  // the status code to be temporary redirect because of the no_cache time.
  header('Location: ' . $url, TRUE, 307);
  exit;
}