# destroy cookie, destroy session
# keep device cookie
new_session
- SET_COOKIE 0 session=""
- SET_COOKIE 0 user_id=""
+ SESSION_COOKIE new
+ SET_COOKIE 0 user_id="" Path="/${_BASE#/}" SameSite=Strict HttpOnly
REDIRECT "${_BASE}${PATH_INFO}#USER_LOGGED_OUT"
}
esac
w_user_register(){
- if [ "$USER_REGISTRATION" != true ]; then
+ if [ "$(GET user_confirm)" ]; then
+ w_user_confirm
+ elif [ "$USER_REGISTRATION" != true ]; then
cat <<-EOF
[div #user_register .disabled
User Registration is disabled.