function securesite_user_logout in Secure Site 7.2
Same name and namespace in other branches
- 8 securesite.module \securesite_user_logout()
Implements hook_user_logout().
When users logout, show the HTTP Auth dialog to make sure the HTTP Auth credentials are cleared
File
- ./
securesite.module, line 295 - Enables HTTP authentication or an HTML form to restrict site access.
Code
function securesite_user_logout($account) {
global $user;
$types = variable_get('securesite_type', array(
SECURESITE_BASIC,
));
if ((in_array(SECURESITE_BASIC, $types) || in_array(SECURESITE_DIGEST, $types)) && !empty($_SESSION['securesite_login'])) {
module_load_include('inc', 'securesite');
// Safari will attempt to use old credentials before requesting new credentials
// from the user. Logging out requires that the WWW-Authenticate header be sent
// twice.
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? drupal_strtolower($_SERVER['HTTP_USER_AGENT']) : '';
if ($user_agent != str_replace('safari', '', $user_agent)) {
$_SESSION['securesite_repeat'] = TRUE;
}
// Clear stored credentials.
_securesite_dialog(array_pop($types));
if (!empty($user->uid)) {
session_destroy();
$_SESSION['securesite_login'] = TRUE;
// Exit page
ob_flush();
drupal_exit();
}
unset($_GET['destination']);
}
}