From a420a18143de200407b7da2c9d68f8ff63a94a6e Mon Sep 17 00:00:00 2001
From: dave <dave>
Date: Fri, 21 Dec 2007 01:16:30 +0000
Subject: [PATCH] - Skip some session variables on logout, clear everything
 else.

---
 user_login.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/user_login.php b/user_login.php
index 079d9501..13e9f67d 100644
--- a/user_login.php
+++ b/user_login.php
@@ -202,6 +202,9 @@
  }
  else if($_GET['action']=="logout")
  {
+ 	/* Session keys to skip on logout */
+ 	$skip = array('debug', 'lang');
+
  	/* Do these explicitly because i'm paranoid */
 	unset($_SESSION['name']);
 	unset($_SESSION['username']);
@@ -209,7 +212,7 @@
 	unset($_SESSION['users_id']);
 	unset($_SESSION['users_type']);
 	/* Take care of anything else */
- 	$keys = array_keys($_SESSION);
+ 	$keys = array_diff(array_keys($_SESSION), $skip);
 	foreach($keys as $k) unset($_SESSION[$k]);
 
 	if($notice != 'login_multirole') $notice = 'logged_out';