Make WordPress Core

Opened 12 years ago

Closed 10 years ago

Last modified 3 years ago

#22254 closed defect (bug) (wontfix)

"Do you really want to log out" message after already logged out

Reported by: ov3rfly's profile Ov3rfly Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.4.2
Component: Administration Keywords:
Focuses: Cc:

Description

  1. Log into admin area
  2. Open some page within admin area in a new tab (middle click or "Open link in new tab" or similar)
  3. Select "Log Out" in menu in one tab
  4. Normal "You are now logged out." screen appears
  5. Select "Log Out" in menu in other tab
  6. The following message appears:
    You are attempting to log out of Blogname
    
    Do you really want to log out?
    

The content of this message is wrong as the user is already logged out at this point.

Attachments (2)

22254.diff (625 bytes) - added by MikeHansenMe 12 years ago.
send logged out user straight to login form
22254.2.diff (352 bytes) - added by MikeHansenMe 11 years ago.
updated patch to correct location

Download all attachments as: .zip

Change History (22)

@MikeHansenMe
12 years ago

send logged out user straight to login form

#1 @MikeHansenMe
12 years ago

  • Cc mdhansen@… added

#2 @SergeyBiryukov
12 years ago

  • Keywords has-patch added

#3 @MikeHansenMe
12 years ago

  • Keywords needs-testing added

#4 @SergeyBiryukov
12 years ago

  • Milestone changed from Awaiting Review to 3.6

#5 @aaronholbrook
12 years ago

Tested, worked great.

#6 @bradparbs
12 years ago

  • Keywords needs-testing removed

Works for me as well.

#7 @MikeHansenMe
12 years ago

Thanks for testing the patch guys

#8 @SergeyBiryukov
12 years ago

  • Keywords commit added

#9 @nacin
12 years ago

Partial duplicate of #14949?

#10 @nacin
12 years ago

A few things:

  • I don't think this is the right place for this code. Rather than going in wp_nonce_ays() — where messages for failed nonces get printed — the nonce check should be avoided all together, in wp-login.php's action = logout branch.
  • I'm not sure this is necessary at all. The user may be "logged out" by having the logged_in cookie drop, but they may still have admin cookies and it would be good for those to be removed. By providing an extra step, we can ensure that they have an opportunity to explicitly log out and remove all cookies.
  • For more, see #14949, which covers the logging-in-when-already-logged-in problem. This is just the reverse — logging out when already logged out.

#11 @nacin
12 years ago

  • Keywords commit removed
  • Milestone changed from 3.6 to Awaiting Review

#12 @gizburdt
11 years ago

It worked for me!
But I think Nacin is right about the partial duplicate.

@MikeHansenMe
11 years ago

updated patch to correct location

#13 @MikeHansenMe
11 years ago

This is not as common anymore with the heartbeat login modal but updated anyway.

#14 @SergeyBiryukov
10 years ago

#29900 was marked as a duplicate.

#15 @KingOfTheWeb
10 years ago

  • Keywords has-patch removed
  • Resolution set to worksforme
  • Status changed from new to closed

#16 @SergeyBiryukov
10 years ago

  • Resolution changed from worksforme to wontfix

This ticket was mentioned in Slack in #core by liamhogan. View the logs.


10 years ago

#18 @ocean90
10 years ago

  • Milestone Awaiting Review deleted

This ticket was mentioned in Slack in #core by andrewgtibbetts. View the logs.


9 years ago

#20 @Ov3rfly
3 years ago

This problem is still there, leads to confusion.

Note: See TracTickets for help on using tickets.