From 5bc273a9ddbe87f55b84f5836284cb207bdadbd1 Mon Sep 17 00:00:00 2001
From: iBNu Maksum <me@ibnux.net>
Date: Fri, 11 Oct 2024 10:38:24 +0700
Subject: [PATCH] session_destroy(); inside removeCookie()

---
 system/autoload/Admin.php | 2 --
 1 file changed, 2 deletions(-)

diff --git a/system/autoload/Admin.php b/system/autoload/Admin.php
index 4a328ffa..a401c6eb 100644
--- a/system/autoload/Admin.php
+++ b/system/autoload/Admin.php
@@ -25,7 +25,6 @@ class Admin
                 $isValid = self::validateToken($_SESSION['aid'], $_COOKIE['aid']);
                 if (!$isValid) {
                     self::removeCookie();
-                    session_destroy();
                     _alert(Lang::T('Token has expired. Please log in again.'), 'danger', "admin");
                     return 0;
                 }
@@ -35,7 +34,6 @@ class Admin
             // Session expired, log out the user
             elseif ($enable_session_timeout && $_SESSION['aid_expiration'] <= time()) {
                 self::removeCookie();
-                session_destroy();
                 _alert(Lang::T('Session has expired. Please log in again.'), 'danger', "admin");
                 return 0;
             }