in EmbperlObject, if you call DeleteSession from anything but the
base, you delete the session data, but end up not deleting the
cookie. (nSessionMgnt is 0 (not -1) by the time you get back to
setting the http headers)
Reloading a page after failing to delete the cookie turns up another
problem:
if the browser has an invalid cookie (one that doesn't correspond to
an existing session), you get a taint error (at least in
Apache::Session::FileStore) from the {_session_id}, resulting in an
"internal server error".
(is any of that explained clearly enough?)
--
- Gus
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
