WordPress.org

Make WordPress Core

Opened 9 years ago

Closed 7 years ago

Last modified 5 years ago

#22254 closed defect (bug) (wontfix)

"Do you really want to log out" message after already logged out

Reported by: Ov3rfly Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.4.2
Component: Administration Keywords:
Focuses: Cc:

Description

  1. Log into admin area
  2. Open some page within admin area in a new tab (middle click or "Open link in new tab" or similar)
  3. Select "Log Out" in menu in one tab
  4. Normal "You are now logged out." screen appears
  5. Select "Log Out" in menu in other tab
  6. The following message appears:
    You are attempting to log out of Blogname
    
    Do you really want to log out?
    

The content of this message is wrong as the user is already logged out at this point.

Attachments (2)

22254.diff (625 bytes) - added by MikeHansenMe 9 years ago.
send logged out user straight to login form
22254.2.diff (352 bytes) - added by MikeHansenMe 7 years ago.
updated patch to correct location

Download all attachments as: .zip

Change History (21)

@MikeHansenMe
9 years ago

send logged out user straight to login form

#1 @MikeHansenMe
9 years ago

  • Cc mdhansen@… added

#2 @SergeyBiryukov
9 years ago

  • Keywords has-patch added

#3 @MikeHansenMe
8 years ago

  • Keywords needs-testing added

#4 @SergeyBiryukov
8 years ago

  • Milestone changed from Awaiting Review to 3.6

#5 @aaronholbrook
8 years ago

Tested, worked great.

#6 @bradparbs
8 years ago

  • Keywords needs-testing removed

Works for me as well.

#7 @MikeHansenMe
8 years ago

Thanks for testing the patch guys

#8 @SergeyBiryukov
8 years ago

  • Keywords commit added

#9 @nacin
8 years ago

Partial duplicate of #14949?

#10 @nacin
8 years ago

A few things:

  • I don't think this is the right place for this code. Rather than going in wp_nonce_ays() — where messages for failed nonces get printed — the nonce check should be avoided all together, in wp-login.php's action = logout branch.
  • I'm not sure this is necessary at all. The user may be "logged out" by having the logged_in cookie drop, but they may still have admin cookies and it would be good for those to be removed. By providing an extra step, we can ensure that they have an opportunity to explicitly log out and remove all cookies.
  • For more, see #14949, which covers the logging-in-when-already-logged-in problem. This is just the reverse — logging out when already logged out.

#11 @nacin
8 years ago

  • Keywords commit removed
  • Milestone changed from 3.6 to Awaiting Review

#12 @gizburdt
8 years ago

It worked for me!
But I think Nacin is right about the partial duplicate.

@MikeHansenMe
7 years ago

updated patch to correct location

#13 @MikeHansenMe
7 years ago

This is not as common anymore with the heartbeat login modal but updated anyway.

#14 @SergeyBiryukov
7 years ago

#29900 was marked as a duplicate.

#15 @KingOfTheWeb
7 years ago

  • Keywords has-patch removed
  • Resolution set to worksforme
  • Status changed from new to closed

#16 @SergeyBiryukov
7 years ago

  • Resolution changed from worksforme to wontfix

This ticket was mentioned in Slack in #core by liamhogan. View the logs.


7 years ago

#18 @ocean90
6 years ago

  • Milestone Awaiting Review deleted

This ticket was mentioned in Slack in #core by andrewgtibbetts. View the logs.


5 years ago

Note: See TracTickets for help on using tickets.