do not close session in auth_logoff FS#1519

Ignore-this: b30b94c67baa8a8916dd216424e9473c As auth_logoff is called very early for all not-logged in users it prevented writing the breadcrumbs and might have broken some other things relying on a open session at beginning of the script. auth_logoff now makes sure the session is open but will not close it. Additionally the session is now explicitly closed before a redirect. darcs-hash:20090210100257-7ad00-50470f18edb9fdbeb555fbf5d8a470a3b077915d.gz

do not close session in auth_logoff FS#1519
Ignore-this: b30b94c67baa8a8916dd216424e9473c As auth_logoff is called very early for all not-logged in users it prevented writing the breadcrumbs and might have broken some other things relying on a open session at beginning of the script. auth_logoff now makes sure the session is open but will not close it. Additionally the session is now explicitly closed before a redirect. darcs-hash:20090210100257-7ad00-50470f18edb9fdbeb555fbf5d8a470a3b077915d.gz
d4869846 · Andreas Gohr · 837acd38 · d4869846 · d4869846
Commit d4869846 authored 16 years ago by Andreas Gohr
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -276,7 +276,7 @@ function auth_logoff($keepbc=false){
  global $INFO, $ID;
  global $auth;

-  // reopen session
+  // make sure the session is writable (it usually is)
  @session_start();

  if(isset($_SESSION[DOKU_COOKIE]['auth']['user']))
@@ -300,9 +300,6 @@ function auth_logoff($keepbc=false){
  if($auth && $auth->canDo('logoff')){
    $auth->logOff();
  }
-
-  // close session again
-  session_write_close();
 }

 /**

--- a/inc/common.php
+++ b/inc/common.php
@@ -1463,6 +1463,9 @@ function is_mem_available($mem,$bytes=1048576){
 * @author Andreas Gohr <andi@splitbrain.org>
 */
 function send_redirect($url){
+    // always close the session
+    session_write_close();
+
    // check if running on IIS < 6 with CGI-PHP
    if( isset($_SERVER['SERVER_SOFTWARE']) && isset($_SERVER['GATEWAY_INTERFACE']) &&
        (strpos($_SERVER['GATEWAY_INTERFACE'],'CGI') !== false) &&