[interchange-cvs] interchange - heins modified lib/Vend/Dispatch.pm

[interchange-cvs at icdevgroup.org]

User:      heins
Date:      2004-02-24 19:17:46 GMT
Modified:  lib/Vend Dispatch.pm
Log:
* Login information was getting re-saved on a session cancel.

* Security fix, backport.

Revision  Changes    Path
1.32      +7 -2      interchange/lib/Vend/Dispatch.pm


rev 1.32, prev_rev 1.31
Index: Dispatch.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Dispatch.pm,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- Dispatch.pm	22 Feb 2004 19:28:37 -0000	1.31
+++ Dispatch.pm	24 Feb 2004 19:17:46 -0000	1.32
@@ -1,6 +1,6 @@
 # Vend::Dispatch - Handle Interchange page requests
 #
-# $Id: Dispatch.pm,v 1.31 2004/02/22 19:28:37 mheins Exp $
+# $Id: Dispatch.pm,v 1.32 2004/02/24 19:17:46 mheins Exp $
 #
 # Copyright (C) 2002-2003 Interchange Development Group
 # Copyright (C) 2002 Mike Heins <mike at perusion.net>
@@ -26,7 +26,7 @@
 package Vend::Dispatch;
 
 use vars qw($VERSION);
-$VERSION = substr(q$Revision: 1.31 $, 10);
+$VERSION = substr(q$Revision: 1.32 $, 10);
 
 use POSIX qw(strftime);
 use Vend::Util;
@@ -564,6 +564,11 @@
 	cancel	=> sub {
 					put_session();
 					get_session();
+					undef $Vend::username;
+					undef $Vend::admin;
+					undef $Vend::groups;
+					undef $Vend::superuser;
+					undef $Vend::login_table;
 					init_session();
 					$CGI::values{mv_nextpage} = find_special_page('canceled')
 						if ! $CGI::values{mv_nextpage};