You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
691 lines
22 KiB
691 lines
22 KiB
<?php |
|
/** |
|
* Cookie Authentication plugin for phpMyAdmin |
|
*/ |
|
|
|
declare(strict_types=1); |
|
|
|
namespace PhpMyAdmin\Plugins\Auth; |
|
|
|
use PhpMyAdmin\Config; |
|
use PhpMyAdmin\Core; |
|
use PhpMyAdmin\LanguageManager; |
|
use PhpMyAdmin\Message; |
|
use PhpMyAdmin\Plugins\AuthenticationPlugin; |
|
use PhpMyAdmin\ResponseRenderer; |
|
use PhpMyAdmin\Server\Select; |
|
use PhpMyAdmin\Session; |
|
use PhpMyAdmin\Url; |
|
use PhpMyAdmin\Util; |
|
use PhpMyAdmin\Utils\SessionCache; |
|
use ReCaptcha; |
|
use Throwable; |
|
|
|
use function __; |
|
use function array_keys; |
|
use function base64_decode; |
|
use function base64_encode; |
|
use function count; |
|
use function defined; |
|
use function explode; |
|
use function function_exists; |
|
use function in_array; |
|
use function ini_get; |
|
use function intval; |
|
use function is_array; |
|
use function is_string; |
|
use function json_decode; |
|
use function json_encode; |
|
use function mb_strlen; |
|
use function mb_substr; |
|
use function preg_match; |
|
use function random_bytes; |
|
use function session_id; |
|
use function sodium_crypto_secretbox; |
|
use function sodium_crypto_secretbox_open; |
|
use function strlen; |
|
use function time; |
|
|
|
use const SODIUM_CRYPTO_SECRETBOX_KEYBYTES; |
|
use const SODIUM_CRYPTO_SECRETBOX_NONCEBYTES; |
|
|
|
/** |
|
* Handles the cookie authentication method |
|
*/ |
|
class AuthenticationCookie extends AuthenticationPlugin |
|
{ |
|
/** |
|
* Displays authentication form |
|
* |
|
* this function MUST exit/quit the application |
|
* |
|
* @global string $conn_error the last connection error |
|
*/ |
|
public function showLoginForm(): bool |
|
{ |
|
global $conn_error, $route; |
|
|
|
$response = ResponseRenderer::getInstance(); |
|
|
|
/** |
|
* When sending login modal after session has expired, send the |
|
* new token explicitly with the response to update the token |
|
* in all the forms having a hidden token. |
|
*/ |
|
$session_expired = isset($_REQUEST['check_timeout']) || isset($_REQUEST['session_timedout']); |
|
if (! $session_expired && $response->loginPage()) { |
|
if (defined('TESTSUITE')) { |
|
return true; |
|
} |
|
|
|
exit; |
|
} |
|
|
|
/** |
|
* When sending login modal after session has expired, send the |
|
* new token explicitly with the response to update the token |
|
* in all the forms having a hidden token. |
|
*/ |
|
if ($session_expired) { |
|
$response->setRequestStatus(false); |
|
$response->addJSON('new_token', $_SESSION[' PMA_token ']); |
|
} |
|
|
|
/** |
|
* logged_in response parameter is used to check if the login, |
|
* using the modal was successful after session expiration. |
|
*/ |
|
if (isset($_REQUEST['session_timedout'])) { |
|
$response->addJSON('logged_in', 0); |
|
} |
|
|
|
// No recall if blowfish secret is not configured as it would produce |
|
// garbage |
|
if ($GLOBALS['cfg']['LoginCookieRecall'] && ! empty($GLOBALS['cfg']['blowfish_secret'])) { |
|
$default_user = $this->user; |
|
$default_server = $GLOBALS['pma_auth_server']; |
|
$hasAutocomplete = true; |
|
} else { |
|
$default_user = ''; |
|
$default_server = ''; |
|
$hasAutocomplete = false; |
|
} |
|
|
|
// wrap the login form in a div which overlays the whole page. |
|
if ($session_expired) { |
|
$loginHeader = $this->template->render('login/header', [ |
|
'add_class' => ' modal_form', |
|
'session_expired' => 1, |
|
]); |
|
} else { |
|
$loginHeader = $this->template->render('login/header', [ |
|
'add_class' => '', |
|
'session_expired' => 0, |
|
]); |
|
} |
|
|
|
$errorMessages = ''; |
|
// Show error message |
|
if (! empty($conn_error)) { |
|
$errorMessages = Message::rawError((string) $conn_error)->getDisplay(); |
|
} elseif (isset($_GET['session_expired']) && intval($_GET['session_expired']) == 1) { |
|
$errorMessages = Message::rawError( |
|
__('Your session has expired. Please log in again.') |
|
)->getDisplay(); |
|
} |
|
|
|
$languageManager = LanguageManager::getInstance(); |
|
$availableLanguages = []; |
|
if (empty($GLOBALS['cfg']['Lang']) && $languageManager->hasChoice()) { |
|
$availableLanguages = $languageManager->sortedLanguages(); |
|
} |
|
|
|
$serversOptions = ''; |
|
$hasServers = count($GLOBALS['cfg']['Servers']) > 1; |
|
if ($hasServers) { |
|
$serversOptions = Select::render(false, false); |
|
} |
|
|
|
$_form_params = []; |
|
if (isset($route)) { |
|
$_form_params['route'] = $route; |
|
} |
|
|
|
if (strlen($GLOBALS['db'])) { |
|
$_form_params['db'] = $GLOBALS['db']; |
|
} |
|
|
|
if (strlen($GLOBALS['table'])) { |
|
$_form_params['table'] = $GLOBALS['table']; |
|
} |
|
|
|
$errors = ''; |
|
if ($GLOBALS['errorHandler']->hasDisplayErrors()) { |
|
$errors = $GLOBALS['errorHandler']->getDispErrors(); |
|
} |
|
|
|
// close the wrapping div tag, if the request is after session timeout |
|
if ($session_expired) { |
|
$loginFooter = $this->template->render('login/footer', ['session_expired' => 1]); |
|
} else { |
|
$loginFooter = $this->template->render('login/footer', ['session_expired' => 0]); |
|
} |
|
|
|
$configFooter = Config::renderFooter(); |
|
|
|
echo $this->template->render('login/form', [ |
|
'login_header' => $loginHeader, |
|
'is_demo' => $GLOBALS['cfg']['DBG']['demo'], |
|
'error_messages' => $errorMessages, |
|
'available_languages' => $availableLanguages, |
|
'is_session_expired' => $session_expired, |
|
'has_autocomplete' => $hasAutocomplete, |
|
'session_id' => session_id(), |
|
'is_arbitrary_server_allowed' => $GLOBALS['cfg']['AllowArbitraryServer'], |
|
'default_server' => $default_server, |
|
'default_user' => $default_user, |
|
'has_servers' => $hasServers, |
|
'server_options' => $serversOptions, |
|
'server' => $GLOBALS['server'], |
|
'lang' => $GLOBALS['lang'], |
|
'has_captcha' => ! empty($GLOBALS['cfg']['CaptchaApi']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaRequestParam']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaResponseParam']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaLoginPublicKey']), |
|
'use_captcha_checkbox' => ($GLOBALS['cfg']['CaptchaMethod'] ?? '') === 'checkbox', |
|
'captcha_api' => $GLOBALS['cfg']['CaptchaApi'], |
|
'captcha_req' => $GLOBALS['cfg']['CaptchaRequestParam'], |
|
'captcha_resp' => $GLOBALS['cfg']['CaptchaResponseParam'], |
|
'captcha_key' => $GLOBALS['cfg']['CaptchaLoginPublicKey'], |
|
'form_params' => $_form_params, |
|
'errors' => $errors, |
|
'login_footer' => $loginFooter, |
|
'config_footer' => $configFooter, |
|
]); |
|
|
|
if (! defined('TESTSUITE')) { |
|
exit; |
|
} |
|
|
|
return true; |
|
} |
|
|
|
/** |
|
* Gets authentication credentials |
|
* |
|
* this function DOES NOT check authentication - it just checks/provides |
|
* authentication credentials required to connect to the MySQL server |
|
* usually with $dbi->connect() |
|
* |
|
* it returns false if something is missing - which usually leads to |
|
* showLoginForm() which displays login form |
|
* |
|
* it returns true if all seems ok which usually leads to auth_set_user() |
|
* |
|
* it directly switches to showFailure() if user inactivity timeout is reached |
|
*/ |
|
public function readCredentials(): bool |
|
{ |
|
global $conn_error; |
|
|
|
// Initialization |
|
/** |
|
* @global $GLOBALS['pma_auth_server'] the user provided server to |
|
* connect to |
|
*/ |
|
$GLOBALS['pma_auth_server'] = ''; |
|
|
|
$this->user = $this->password = ''; |
|
$GLOBALS['from_cookie'] = false; |
|
|
|
if (isset($_POST['pma_username']) && strlen($_POST['pma_username']) > 0) { |
|
// Verify Captcha if it is required. |
|
if ( |
|
! empty($GLOBALS['cfg']['CaptchaApi']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaRequestParam']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaResponseParam']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) |
|
&& ! empty($GLOBALS['cfg']['CaptchaLoginPublicKey']) |
|
) { |
|
if (empty($_POST[$GLOBALS['cfg']['CaptchaResponseParam']])) { |
|
$conn_error = __('Missing reCAPTCHA verification, maybe it has been blocked by adblock?'); |
|
|
|
return false; |
|
} |
|
|
|
$captchaSiteVerifyURL = $GLOBALS['cfg']['CaptchaSiteVerifyURL'] ?? ''; |
|
$captchaSiteVerifyURL = empty($captchaSiteVerifyURL) ? null : $captchaSiteVerifyURL; |
|
if (function_exists('curl_init')) { |
|
$reCaptcha = new ReCaptcha\ReCaptcha( |
|
$GLOBALS['cfg']['CaptchaLoginPrivateKey'], |
|
new ReCaptcha\RequestMethod\CurlPost(null, $captchaSiteVerifyURL) |
|
); |
|
} elseif (ini_get('allow_url_fopen')) { |
|
$reCaptcha = new ReCaptcha\ReCaptcha( |
|
$GLOBALS['cfg']['CaptchaLoginPrivateKey'], |
|
new ReCaptcha\RequestMethod\Post($captchaSiteVerifyURL) |
|
); |
|
} else { |
|
$reCaptcha = new ReCaptcha\ReCaptcha( |
|
$GLOBALS['cfg']['CaptchaLoginPrivateKey'], |
|
new ReCaptcha\RequestMethod\SocketPost(null, $captchaSiteVerifyURL) |
|
); |
|
} |
|
|
|
// verify captcha status. |
|
$resp = $reCaptcha->verify( |
|
$_POST[$GLOBALS['cfg']['CaptchaResponseParam']], |
|
Core::getIp() |
|
); |
|
|
|
// Check if the captcha entered is valid, if not stop the login. |
|
if ($resp == null || ! $resp->isSuccess()) { |
|
$codes = $resp->getErrorCodes(); |
|
|
|
if (in_array('invalid-json', $codes)) { |
|
$conn_error = __('Failed to connect to the reCAPTCHA service!'); |
|
} else { |
|
$conn_error = __('Entered captcha is wrong, try again!'); |
|
} |
|
|
|
return false; |
|
} |
|
} |
|
|
|
// The user just logged in |
|
$this->user = Core::sanitizeMySQLUser($_POST['pma_username']); |
|
|
|
$password = $_POST['pma_password'] ?? ''; |
|
if (strlen($password) >= 1000) { |
|
$conn_error = __('Your password is too long. To prevent denial-of-service attacks, ' . |
|
'phpMyAdmin restricts passwords to less than 1000 characters.'); |
|
|
|
return false; |
|
} |
|
|
|
$this->password = $password; |
|
|
|
if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername'])) { |
|
if ($GLOBALS['cfg']['ArbitraryServerRegexp']) { |
|
$parts = explode(' ', $_REQUEST['pma_servername']); |
|
if (count($parts) === 2) { |
|
$tmp_host = $parts[0]; |
|
} else { |
|
$tmp_host = $_REQUEST['pma_servername']; |
|
} |
|
|
|
$match = preg_match($GLOBALS['cfg']['ArbitraryServerRegexp'], $tmp_host); |
|
if (! $match) { |
|
$conn_error = __('You are not allowed to log in to this MySQL server!'); |
|
|
|
return false; |
|
} |
|
} |
|
|
|
$GLOBALS['pma_auth_server'] = Core::sanitizeMySQLHost($_REQUEST['pma_servername']); |
|
} |
|
|
|
/* Secure current session on login to avoid session fixation */ |
|
Session::secure(); |
|
|
|
return true; |
|
} |
|
|
|
// At the end, try to set the $this->user |
|
// and $this->password variables from cookies |
|
|
|
// check cookies |
|
$serverCookie = $GLOBALS['config']->getCookie('pmaUser-' . $GLOBALS['server']); |
|
if (empty($serverCookie)) { |
|
return false; |
|
} |
|
|
|
$value = $this->cookieDecrypt( |
|
$serverCookie, |
|
$this->getEncryptionSecret() |
|
); |
|
|
|
if ($value === null) { |
|
return false; |
|
} |
|
|
|
$this->user = $value; |
|
// user was never logged in since session start |
|
if (empty($_SESSION['browser_access_time'])) { |
|
return false; |
|
} |
|
|
|
// User inactive too long |
|
$last_access_time = time() - $GLOBALS['cfg']['LoginCookieValidity']; |
|
foreach ($_SESSION['browser_access_time'] as $key => $value) { |
|
if ($value >= $last_access_time) { |
|
continue; |
|
} |
|
|
|
unset($_SESSION['browser_access_time'][$key]); |
|
} |
|
|
|
// All sessions expired |
|
if (empty($_SESSION['browser_access_time'])) { |
|
SessionCache::remove('is_create_db_priv'); |
|
SessionCache::remove('is_reload_priv'); |
|
SessionCache::remove('db_to_create'); |
|
SessionCache::remove('dbs_where_create_table_allowed'); |
|
SessionCache::remove('dbs_to_test'); |
|
SessionCache::remove('db_priv'); |
|
SessionCache::remove('col_priv'); |
|
SessionCache::remove('table_priv'); |
|
SessionCache::remove('proc_priv'); |
|
|
|
$this->showFailure('no-activity'); |
|
if (! defined('TESTSUITE')) { |
|
exit; |
|
} |
|
|
|
return false; |
|
} |
|
|
|
// check password cookie |
|
$serverCookie = $GLOBALS['config']->getCookie('pmaAuth-' . $GLOBALS['server']); |
|
|
|
if (empty($serverCookie)) { |
|
return false; |
|
} |
|
|
|
$value = $this->cookieDecrypt( |
|
$serverCookie, |
|
$this->getSessionEncryptionSecret() |
|
); |
|
if ($value === null) { |
|
return false; |
|
} |
|
|
|
$auth_data = json_decode($value, true); |
|
|
|
if (! is_array($auth_data) || ! isset($auth_data['password'])) { |
|
return false; |
|
} |
|
|
|
$this->password = $auth_data['password']; |
|
if ($GLOBALS['cfg']['AllowArbitraryServer'] && ! empty($auth_data['server'])) { |
|
$GLOBALS['pma_auth_server'] = $auth_data['server']; |
|
} |
|
|
|
$GLOBALS['from_cookie'] = true; |
|
|
|
return true; |
|
} |
|
|
|
/** |
|
* Set the user and password after last checkings if required |
|
* |
|
* @return bool always true |
|
*/ |
|
public function storeCredentials(): bool |
|
{ |
|
global $cfg; |
|
|
|
if ($GLOBALS['cfg']['AllowArbitraryServer'] && ! empty($GLOBALS['pma_auth_server'])) { |
|
/* Allow to specify 'host port' */ |
|
$parts = explode(' ', $GLOBALS['pma_auth_server']); |
|
if (count($parts) === 2) { |
|
$tmp_host = $parts[0]; |
|
$tmp_port = $parts[1]; |
|
} else { |
|
$tmp_host = $GLOBALS['pma_auth_server']; |
|
$tmp_port = ''; |
|
} |
|
|
|
if ($cfg['Server']['host'] != $GLOBALS['pma_auth_server']) { |
|
$cfg['Server']['host'] = $tmp_host; |
|
if (! empty($tmp_port)) { |
|
$cfg['Server']['port'] = $tmp_port; |
|
} |
|
} |
|
|
|
unset($tmp_host, $tmp_port, $parts); |
|
} |
|
|
|
return parent::storeCredentials(); |
|
} |
|
|
|
/** |
|
* Stores user credentials after successful login. |
|
*/ |
|
public function rememberCredentials(): void |
|
{ |
|
global $route; |
|
|
|
// Name and password cookies need to be refreshed each time |
|
// Duration = one month for username |
|
$this->storeUsernameCookie($this->user); |
|
|
|
// Duration = as configured |
|
// Do not store password cookie on password change as we will |
|
// set the cookie again after password has been changed |
|
if (! isset($_POST['change_pw'])) { |
|
$this->storePasswordCookie($this->password); |
|
} |
|
|
|
// any parameters to pass? |
|
$url_params = []; |
|
if (isset($route)) { |
|
$url_params['route'] = $route; |
|
} |
|
|
|
if (strlen($GLOBALS['db']) > 0) { |
|
$url_params['db'] = $GLOBALS['db']; |
|
} |
|
|
|
if (strlen($GLOBALS['table']) > 0) { |
|
$url_params['table'] = $GLOBALS['table']; |
|
} |
|
|
|
// user logged in successfully after session expiration |
|
if (isset($_REQUEST['session_timedout'])) { |
|
$response = ResponseRenderer::getInstance(); |
|
$response->addJSON('logged_in', 1); |
|
$response->addJSON('success', 1); |
|
$response->addJSON('new_token', $_SESSION[' PMA_token ']); |
|
|
|
if (! defined('TESTSUITE')) { |
|
exit; |
|
} |
|
|
|
return; |
|
} |
|
|
|
// Set server cookies if required (once per session) and, in this case, |
|
// force reload to ensure the client accepts cookies |
|
if ($GLOBALS['from_cookie']) { |
|
return; |
|
} |
|
|
|
/** |
|
* Clear user cache. |
|
*/ |
|
Util::clearUserCache(); |
|
|
|
ResponseRenderer::getInstance()->disable(); |
|
|
|
Core::sendHeaderLocation( |
|
'./index.php?route=/' . Url::getCommonRaw($url_params, '&'), |
|
true |
|
); |
|
|
|
if (! defined('TESTSUITE')) { |
|
exit; |
|
} |
|
} |
|
|
|
/** |
|
* Stores username in a cookie. |
|
* |
|
* @param string $username User name |
|
*/ |
|
public function storeUsernameCookie($username): void |
|
{ |
|
// Name and password cookies need to be refreshed each time |
|
// Duration = one month for username |
|
$GLOBALS['config']->setCookie( |
|
'pmaUser-' . $GLOBALS['server'], |
|
$this->cookieEncrypt( |
|
$username, |
|
$this->getEncryptionSecret() |
|
) |
|
); |
|
} |
|
|
|
/** |
|
* Stores password in a cookie. |
|
* |
|
* @param string $password Password |
|
*/ |
|
public function storePasswordCookie($password): void |
|
{ |
|
$payload = ['password' => $password]; |
|
if ($GLOBALS['cfg']['AllowArbitraryServer'] && ! empty($GLOBALS['pma_auth_server'])) { |
|
$payload['server'] = $GLOBALS['pma_auth_server']; |
|
} |
|
|
|
// Duration = as configured |
|
$GLOBALS['config']->setCookie( |
|
'pmaAuth-' . $GLOBALS['server'], |
|
$this->cookieEncrypt( |
|
(string) json_encode($payload), |
|
$this->getSessionEncryptionSecret() |
|
), |
|
null, |
|
(int) $GLOBALS['cfg']['LoginCookieStore'] |
|
); |
|
} |
|
|
|
/** |
|
* User is not allowed to login to MySQL -> authentication failed |
|
* |
|
* prepares error message and switches to showLoginForm() which display the error |
|
* and the login form |
|
* |
|
* this function MUST exit/quit the application, |
|
* currently done by call to showLoginForm() |
|
* |
|
* @param string $failure String describing why authentication has failed |
|
*/ |
|
public function showFailure($failure): void |
|
{ |
|
global $conn_error; |
|
|
|
parent::showFailure($failure); |
|
|
|
// Deletes password cookie and displays the login form |
|
$GLOBALS['config']->removeCookie('pmaAuth-' . $GLOBALS['server']); |
|
|
|
$conn_error = $this->getErrorMessage($failure); |
|
|
|
$response = ResponseRenderer::getInstance(); |
|
|
|
// needed for PHP-CGI (not need for FastCGI or mod-php) |
|
$response->header('Cache-Control: no-store, no-cache, must-revalidate'); |
|
$response->header('Pragma: no-cache'); |
|
|
|
$this->showLoginForm(); |
|
} |
|
|
|
/** |
|
* Returns blowfish secret or generates one if needed. |
|
*/ |
|
private function getEncryptionSecret(): string |
|
{ |
|
$key = $GLOBALS['cfg']['blowfish_secret'] ?? null; |
|
if (is_string($key) && mb_strlen($key, '8bit') === SODIUM_CRYPTO_SECRETBOX_KEYBYTES) { |
|
return $key; |
|
} |
|
|
|
return $this->getSessionEncryptionSecret(); |
|
} |
|
|
|
/** |
|
* Returns blowfish secret or generates one if needed. |
|
*/ |
|
private function getSessionEncryptionSecret(): string |
|
{ |
|
$key = $_SESSION['encryption_key'] ?? null; |
|
if (is_string($key) && mb_strlen($key, '8bit') === SODIUM_CRYPTO_SECRETBOX_KEYBYTES) { |
|
return $key; |
|
} |
|
|
|
$key = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES); |
|
$_SESSION['encryption_key'] = $key; |
|
|
|
return $key; |
|
} |
|
|
|
public function cookieEncrypt(string $data, string $secret): string |
|
{ |
|
try { |
|
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); |
|
$ciphertext = sodium_crypto_secretbox($data, $nonce, $secret); |
|
} catch (Throwable $throwable) { |
|
return ''; |
|
} |
|
|
|
return base64_encode($nonce . $ciphertext); |
|
} |
|
|
|
public function cookieDecrypt(string $encryptedData, string $secret): ?string |
|
{ |
|
$encrypted = base64_decode($encryptedData); |
|
$nonce = mb_substr($encrypted, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, '8bit'); |
|
$ciphertext = mb_substr($encrypted, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, null, '8bit'); |
|
try { |
|
$decrypted = sodium_crypto_secretbox_open($ciphertext, $nonce, $secret); |
|
} catch (Throwable $throwable) { |
|
return null; |
|
} |
|
|
|
if (! is_string($decrypted)) { |
|
return null; |
|
} |
|
|
|
return $decrypted; |
|
} |
|
|
|
/** |
|
* Callback when user changes password. |
|
* |
|
* @param string $password New password to set |
|
*/ |
|
public function handlePasswordChange($password): void |
|
{ |
|
$this->storePasswordCookie($password); |
|
} |
|
|
|
/** |
|
* Perform logout |
|
*/ |
|
public function logOut(): void |
|
{ |
|
global $config; |
|
|
|
// -> delete password cookie(s) |
|
if ($GLOBALS['cfg']['LoginCookieDeleteAll']) { |
|
foreach (array_keys($GLOBALS['cfg']['Servers']) as $key) { |
|
$config->removeCookie('pmaAuth-' . $key); |
|
if (! $config->issetCookie('pmaAuth-' . $key)) { |
|
continue; |
|
} |
|
|
|
$config->removeCookie('pmaAuth-' . $key); |
|
} |
|
} else { |
|
$cookieName = 'pmaAuth-' . $GLOBALS['server']; |
|
$config->removeCookie($cookieName); |
|
if ($config->issetCookie($cookieName)) { |
|
$config->removeCookie($cookieName); |
|
} |
|
} |
|
|
|
parent::logOut(); |
|
} |
|
}
|
|
|