Browse code

destroy session when init-link is clicked (new session is created afterwards)

Bernd Wurst authored on18/09/2016 18:45:53
Showing1 changed files
... ...
@@ -20,6 +20,13 @@ require_once('inc/security.php');
20 20
 title("Passwort setzen");
21 21
 $show = 'token';
22 22
 
23
+if (isset($_SESSION['role']) && $_SESSION['role'] != ROLE_ANONYMOUS) {
24
+  @session_destroy();
25
+  
26
+  header('Location: '.$PHP_SELF);
27
+  die(); 
28
+}
29
+
23 30
 if (isset($_REQUEST['token']))
24 31
 {
25 32
   $token = $_REQUEST['token'];