my $cgi = Bugzilla->cgi;
$cgi->remove_cookie('Bugzilla_login');
$cgi->remove_cookie('Bugzilla_logincookie');
+ $cgi->remove_cookie('sudo');
}
1;
# Check whether or not the user is logged in
my $user = Bugzilla->login(LOGIN_OPTIONAL);
+my $cgi = Bugzilla->cgi;
+my $template = Bugzilla->template;
+my $vars = {};
+
+# And log out the user if requested. We do this first so that nothing
+# else accidentally relies on the current login.
+if ($cgi->param('logout')) {
+ Bugzilla->logout();
+ $user = Bugzilla->user;
+ $vars->{'message'} = "logged_out";
+ # Make sure that templates or other code doesn't get confused about this.
+ $cgi->delete('logout');
+}
###############################################################################
# Main Body Execution
###############################################################################
-my $cgi = Bugzilla->cgi;
# Force to use HTTPS unless Bugzilla->params->{'ssl'} equals 'never'.
# This is required because the user may want to log in from here.
if ($cgi->protocol ne 'https' && Bugzilla->params->{'sslbase'} ne ''
$cgi->require_https(Bugzilla->params->{'sslbase'});
}
-my $template = Bugzilla->template;
-my $vars = {};
-
# Return the appropriate HTTP response headers.
print $cgi->header();
my $template = Bugzilla->template;
my $cgi = Bugzilla->cgi;
-my $action = $cgi->param('action') || 'logout';
+my $action = $cgi->param('action');
my $vars = {};
my $target;
$vars->{'message'} = 'sudo_ended';
$target = 'global/message.html.tmpl';
}
-# Log out the currently logged-in user (this used to be the only thing this did)
-elsif ($action eq 'logout') {
- # We don't want to remove a random logincookie from the db, so
- # call Bugzilla->login(). If we're logged in after this, then
- # the logincookie must be correct
- Bugzilla->login(LOGIN_OPTIONAL);
-
- $cgi->remove_cookie('sudo');
-
- Bugzilla->logout();
-
- $vars->{'message'} = "logged_out";
- $target = 'global/message.html.tmpl';
-}
# No valid action found
else {
Bugzilla->login(LOGIN_OPTIONAL);
<li>
<span class="separator">| </span>
[% IF user.authorizer.can_logout %]
- <a href="relogin.cgi">Log out</a>
+ <a href="index.cgi?logout=1">Log out</a>
[% ELSE %]
Logged in as
[% END %]
<text class="text-link" onclick="load_relative_url('sanitycheck.cgi')" value="sanity check"/>
[%- END %]
[%- IF user.authorizer.can_logout %]
- <text class="text-link" onclick="load_relative_url('relogin.cgi')" value="log out [% user.login FILTER html %]"/>
+ <text class="text-link" onclick="load_relative_url('index.cgi?logout=1')"
+ value="log out [% user.login FILTER html %]"/>
[%- END %]
<separator class="thin"/>
[%- IF user.showmybugslink %]