[wikka-community] $_POST in logout ?
morten hundevad
fannoj
Sun Sep 27 23:09:23 GMT 2009
is there a security reason why making it required to use $_POST in logout ?
------------------------------------------------------------ code start
------------------------------------------------------------
// BEGIN *** Logout ***
// is user trying to log out?
if (isset($_POST['logout']) && $_POST['logout'] == LOGOUT_BUTTON_LABEL)
// replaced with normal form button #353, #312
{
$this->LogoutUser();
$params .= 'out=true';
$this->Redirect($url.$params);
}
// END *** Logout ***
------------------------------------------------------------ code end
------------------------------------------------------------
would be nice if logout could be preformed from $_GET aswell ... unless
there is a security issue here.
Morten Hundevad
dev on jfusion team ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.wikkawiki.org/pipermail/community_wikkawiki.org/attachments/20090928/0a283f27/attachment.html>
More information about the community
mailing list