if empty session is autostarted because of a cookie, immediately destroy it

2018-10-15 14:53:35 +03:00 · 2018-10-15 14:53:35 +03:00 · 74736fce0f
parent 7d53c2b501
commit 74736fce0f
1 changed files with 4 additions and 0 deletions
--- a/include/sessions.php
+++ b/include/sessions.php
@ -160,5 +160,9 @@
 	if (!defined('NO_SESSION_AUTOSTART')) {
 		if (isset($_COOKIE[session_name()])) {
 			@session_start();
+
+			if (!$_SESSION['uid']) {
+				logout_user();
+			}
 		}
 	}