Merge pull request #1323 from IT-Can/fix-issue-1314
unset userdata when sess_destroy() is called
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 3fa446d..3195f0a 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -36,146 +36,146 @@
*/
class CI_Session {
- /**
+ /**
* Whether to encrypt the session cookie
*
* @var bool
*/
public $sess_encrypt_cookie = FALSE;
-
+
/**
* Whether to use to the database for session storage
*
* @var bool
*/
public $sess_use_database = FALSE;
-
+
/**
* Name of the database table in which to store sessions
*
* @var string
*/
public $sess_table_name = '';
-
+
/**
* Length of time (in seconds) for sessions to expire
*
* @var int
*/
public $sess_expiration = 7200;
-
+
/**
* Whether to kill session on close of browser window
*
* @var bool
*/
public $sess_expire_on_close = FALSE;
-
+
/**
* Whether to match session on ip address
*
* @var bool
*/
public $sess_match_ip = FALSE;
-
+
/**
* Whether to match session on user-agent
*
* @var bool
*/
public $sess_match_useragent = TRUE;
-
+
/**
* Name of session cookie
*
* @var string
*/
public $sess_cookie_name = 'ci_session';
-
+
/**
* Session cookie prefix
*
* @var string
*/
public $cookie_prefix = '';
-
+
/**
* Session cookie path
*
* @var string
*/
public $cookie_path = '';
-
+
/**
* Session cookie domain
*
* @var string
*/
public $cookie_domain = '';
-
+
/**
* Whether to set the cookie only on HTTPS connections
*
* @var bool
*/
public $cookie_secure = FALSE;
-
+
/**
* Whether cookie should be allowed only to be sent by the server
*
* @var bool
*/
public $cookie_httponly = FALSE;
-
+
/**
* Interval at which to update session
*
* @var int
*/
public $sess_time_to_update = 300;
-
+
/**
* Key with which to encrypt the session cookie
*
* @var string
*/
public $encryption_key = '';
-
+
/**
* String to indicate flash data cookies
*
* @var string
*/
public $flashdata_key = 'flash';
-
+
/**
* Function to use to get the current time
*
* @var string
*/
public $time_reference = 'time';
-
+
/**
* Probablity level of garbage collection of old sessions
*
* @var int
*/
public $gc_probability = 5;
-
+
/**
* Session data
*
* @var array
*/
public $userdata = array();
-
+
/**
* Reference to CodeIgniter instance
*
* @var object
*/
public $CI;
-
+
/**
* Current time
*
@@ -570,6 +570,9 @@
$this->cookie_domain,
0
);
+
+ // Kill session data
+ $this->userdata = array();
}
// --------------------------------------------------------------------
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index bbbe6f7..a705319 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -55,7 +55,7 @@
- Database
- - Renamed the Active Record class to Query Builder to remove confusion with
+ - Renamed the Active Record class to Query Builder to remove confusion with
the Active Record design pattern
- Added new :doc:`Query Builder <database/query_builder>` methods that return
- Added the ability to insert objects with insert_batch() in :doc:`Query Builder <database/query_builder>`.
@@ -215,6 +215,7 @@
- Fixed a bug (#1265) - Database connections were always closed, regardless of the 'pconnect' option value.
- Fixed a bug (#128) - :doc:`Language Library <libraries/language>` did not correctly keep track of loaded language files.
- Fixed a bug (#1242) Added Windows path compatibility to function read_dir of ZIP library
+- Fixed a bug (#1314) sess_destroy() did not destroy userdata.
Version 2.1.1
=============