Fix Session cookies not being encrypted on creation and sess_destroy() not actually deleting cookies
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index 51d94da..8617aec 100755
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -308,7 +308,7 @@
}
// Kill the cookie
- $this->_setcookie($this->sess_cookie_name, addslashes(serialize(array())), ($this->now - 31500000),
+ $this->_setcookie($this->sess_cookie_name, '', ($this->now - 31500000),
$this->cookie_path, $this->cookie_domain, 0);
// Kill session data
@@ -664,7 +664,7 @@
if ($this->sess_encrypt_cookie === TRUE)
{
- $this->CI->encrypt->encode($cookie_data);
+ $cookie_data = $this->CI->encrypt->encode($cookie_data);
}
// Require message authentication