From 38b9bffaeaaa6154c903f87100f20e07afe8261d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20G=C3=B6hler?= <somebody.here@gmx.de>
Date: Thu, 11 Oct 2012 12:53:34 +0200
Subject: [PATCH] call unsetMagicInCookie if token is invalid

---
 lib/base.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/base.php b/lib/base.php
index 9cd2ee55b0..6105f52584 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -554,9 +554,9 @@ class OC{
 			}
 			// if you reach this point you have changed your password 
 			// or you are an attacker
-			// we can not delete tokens here because users will reach 
+			// we can not delete tokens here because users may reach 
 			// this point multible times after a password change
-			//OC_Preferences::deleteApp($_POST['user'], 'login_token');
+			OC_User::unsetMagicInCookie();
 		}
 		OC_User::unsetMagicInCookie();
 		return true;