[TYPO3-english] Clear FE user session data on logoff
Jigal van Hemert
jigal at xs4all.nl
Fri Dec 9 21:45:51 CET 2011
Hi,
On 9-12-2011 19:08, Victor Livakovsky wrote:
> I wonder, if there is a way to instruct the core to remove session data
> of current FE user, when he logs of?
> I'm intensively using at one of the webs:
> $GLOBALS['TSFE']->fe_user->setKey('ses', $name, $data); and that data
> stays in a session even, if user logs out. So, if another user logs in
> (without closing browser, which kills a whole session), he may see some
> temporary stuff, related to previously logged in user.
As you've already explained the session data lasts until a session ends.
This is usually until the browser is closed.
If you want to store data about a logged in user you can use
setKey('user', $name, $data). This will even survive between logins.
As far as I could see in the code if a FE user logs off the session data
should be removed. However, if you want to be absolutely sure, there is
a hook
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['logoff_pre_processing']
inside the logoff() function.
You could make a hook subscriber which calls
$GLOBALS['TSFE']->fe_user->removeSessionData() .
--
Kind regards / met vriendelijke groet,
Jigal van Hemert.
More information about the TYPO3-english
mailing list