config.new.php
author Dan
Mon, 03 Aug 2009 02:58:43 -0400
changeset 1071 f374801eb775
parent 820 07e54a67d5d2
permissions -rw-r--r--
Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.