X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin.php;h=d416353943a48b21069446b62bd7d3bfbfd76d22;hb=939bce138060b727dc96764df88fbb8e4e7049c7;hp=515c745ee9fb0e8ffc28c647ac18bc9e0b2e8f2a;hpb=7f104f6fe558bb56b4205241435a2357c2feece1;p=mailer.git

diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index 515c745ee9..d416353943 100644
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
@@ -41,7 +41,7 @@ if (!defined('__SECURITY')) {
 if ((empty($GLOBALS['action'])) && ($check == "admin_only")) {
 	// Redirect to right URL
 	LOAD_URL("modules.php?module=admin&action=login");
-}
+} // END - if
 
 // Load include file
 require_once(PATH."inc/modules/admin/admin-inc.php");
@@ -90,6 +90,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 				$ret = "done";
 			}
 
+			// Admin still not registered?
 			if (!isBooleanConstantAndTrue('admin_registered')) {
 				// Write to config that registration is done
 				admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
@@ -97,7 +98,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 				// Load URL for login
 				$URL = URL."/modules.php?module=admin&action=login";
 				LOAD_URL($URL);
-			}
+			} // END - if
 			break;
 		}
 	}
@@ -228,11 +229,13 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 		case "404": // Administrator login not found
 			$_POST['ok'] = $ret;
 			$ret = ADMIN_NOT_FOUND;
+			DESTROY_ADMIN_SESSION();
 			break;
 
 		case "pass": // Wrong password
 			$_POST['ok'] = $ret;
 			$ret = WRONG_PASS." [<A href=\"".URL."/modules.php?module=admin&amp;reset_pass=1\">".ADMIN_RESET_PASS."</A>]\n";
+			DESTROY_ADMIN_SESSION();
 			break;
 		}
 	}
@@ -299,16 +302,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 	}
 } elseif (isset($_GET['logout'])) {
 	// Only try to remove cookies
-	if (set_session("admin_login", "") && set_session("admin_md5", "") && set_session("admin_last", "") && set_session("admin_to", "")) {
-		// Also remove array elements
-		set_session('admin_login', "");
-		set_session('admin_md5'  , "");
-		set_session('admin_last' , "");
-		set_session('admin_to'   , "");
-
-		// Destroy session
-		@session_destroy();
-
+	if (DESTROY_ADMIN_SESSION()) {
 		// Load logout template
 		if (isset($_GET['register'])) {
 			// Secure input
@@ -387,11 +381,13 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 
 	case "404": // Administrator login not found
 		$_POST['ok'] = $ret;
+		DESTROY_ADMIN_SESSION();
 		ADD_FATAL(ADMIN_NOT_FOUND);
 		break;
 
 	case "pass": // Wrong password
 		$_POST['ok'] = $ret;
+		DESTROY_ADMIN_SESSION();
 		ADD_FATAL(WRONG_PASS);
 		break;
 	}