You are here

function cas_logout in CAS 6.3

Same name and namespace in other branches
  1. 5.4 cas.module \cas_logout()
  2. 5 cas.module \cas_logout()
  3. 5.3 cas.module \cas_logout()
  4. 6 cas.module \cas_logout()
  5. 6.2 cas.module \cas_logout()
  6. 7 cas.module \cas_logout()

Logs a user out of Drupal and then out of CAS.

This function does not return, but instead immediately redirects the user to the CAS server to complete the CAS logout process.

Other modules intending to call this from their implementation of hook_user('logout') will need to pass $invoke_hook = FALSE to avoid an infinite recursion. WARNING: since this function does not return, any later implementations of hook_user('logout') will not run.

Parameters

$invoke_hook: If TRUE, invoke hook_user_logout() and save a watchdog mesage indicating that the user has logged out.

2 string references to 'cas_logout'
cas_menu in ./cas.module
Implementation of hook_menu().
cas_update_6304 in ./cas.install
Add destination parameter to CAS Login / CAS Logout menu links.

File

./cas.module, line 604
Enables users to authenticate via a Central Authentication Service (CAS) Cas will currently work if the auto registration is turned on and will create user accounts automatically.

Code

function cas_logout($invoke_hook = TRUE) {
  global $user;

  // Build the logout URL.
  cas_phpcas_init();
  if (isset($_GET['destination'])) {

    // Add destination override so that a destination can be specified on the
    // logout link, e.g., caslogout?desination=http://foo.bar.com/foobar. We do
    // not allow absolute URLs to be passed via $_GET, as this can be an attack
    // vector.
    $colonpos = strpos($_GET['destination'], ':');
    $absolute = $colonpos !== FALSE && !preg_match('![/?#]!', substr($_GET['destination'], 0, $colonpos));
    $destination = !$absolute ? $_GET['destination'] : variable_get('cas_logout_destination', '');
  }
  else {
    $destination = variable_get('cas_logout_destination', '');
  }

  //Make it an absolute url.  This will also convert <front> to the front page.
  if ($destination) {
    $destination_url = url($destination, array(
      'absolute' => TRUE,
    ));
    $options = array(
      'service' => $destination_url,
      'url' => $destination_url,
    );
  }
  else {
    $options = array();
  }

  // Mimic user_logout().
  if ($invoke_hook) {
    watchdog('user', 'Session closed for %name.', array(
      '%name' => $user->name,
    ));

    // Only variables can be passed by reference workaround.
    $null = NULL;
    user_module_invoke('logout', $null, $user);
  }

  // Load the anonymous user
  $user = drupal_anonymous_user();

  // phpCAS automatically calls session_destroy().
  phpCAS::logout($options);
}