call unsetMagicInCookie if token is invalid

2012-10-11 12:53:34 +02:00 · 2012-10-11 12:53:34 +02:00 · 38b9bffaea
parent eb79ccafe3
commit 38b9bffaea
1 changed files with 2 additions and 2 deletions
--- a/lib/base.php
+++ b/lib/base.php
@ -554,9 +554,9 @@ class OC{
 			}
 			// if you reach this point you have changed your password 
 			// or you are an attacker
-			// we can not delete tokens here because users will reach 
+			// we can not delete tokens here because users may reach 
 			// this point multible times after a password change
-			//OC_Preferences::deleteApp($_POST['user'], 'login_token');
+			OC_User::unsetMagicInCookie();
 		}
 		OC_User::unsetMagicInCookie();
 		return true;