I am using an AuthPlugin to login my site members to MediaWiki. I used the Auth_remoteuser plugin as a model. I have most of the functionality working, however I am having a problem when say a user would logout of my member website and then login as a different user. In this case, all of the session variables and cookies change to the new user for MediaWiki as they should, but the pages still display the previous user name in the page header. I can't figure out what I'm missing, but obviously I need to logout the user and clear some kind of session data from the old user. I have the following code in my plugin.
$user = User::newFromSession(); if (!$user->isAnon()){ error_log("user is not anonymous"); $wiki_name=trim(strtolower($user->getName())); $member_name=trim(strtolower($_SESSION['member_login'])); error_log("wiki name: $wiki_name -- amember name: $amember_name"); if($wiki_name!=$amember_name){ error_log("logging out user"); $user->logout(); } else return; // User is already logged in and not anonymous. }
From the messages showing up in my error log, I can see when the old
username changes to the new one, yet the logged-in name that appears in MediaWiki does not change. Is $user->logout() not enough to actually logout the user and clear the session? Any help is appreciated.
Thanks, Ben