delete invalid cookies, refs #1958

git-svn-id: http://dev.piwik.org/svn/trunk@3709 59fd770c-687e-43c8-a1e3-f5a4ff64c105
author: robocoder <anthon.pang@gmail.com> 2011-01-12 01:17:07 +0300
committer: robocoder <anthon.pang@gmail.com> 2011-01-12 01:17:07 +0300
commit: 18c229b5289a3ef943c26beaafc59764864cb5d9 (patch)
tree: 8fdfc950c1848a6d0d1787193aad28b6ed37768a /plugins/Login
parent: 660f69f03cd403f07b4d9855d93ceb5289dff57e (diff)
1 files changed, 7 insertions, 4 deletions
diff --git a/plugins/Login/Login.php b/plugins/Login/Login.php
index 44eef80b40..5f43361f76 100644
--- a/plugins/Login/Login.php
+++ b/plugins/Login/Login.php
@@ -118,15 +118,18 @@ class Piwik_Login extends Piwik_Plugin
 		$auth->setLogin($login);
 		$auth->setTokenAuth($tokenAuth);
 		$authResult = $auth->authenticate();
-		if(!$authResult->isValid())
-		{
-			throw new Exception(Piwik_Translate('Login_LoginPasswordNotCorrect'));
-		}
 
 		$authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
 		$authCookieExpiry = $rememberMe ? time() + Zend_Registry::get('config')->General->login_cookie_expire : 0;
 		$authCookiePath = Zend_Registry::get('config')->General->login_cookie_path;
 		$cookie = new Piwik_Cookie($authCookieName, $authCookieExpiry, $authCookiePath);
+		if(!$authResult->isValid())
+
+		{
+			$cookie->delete();
+			throw new Exception(Piwik_Translate('Login_LoginPasswordNotCorrect'));
+		}
+
 		$cookie->set('login', $login);
 		$cookie->set('token_auth', $auth->getHashTokenAuth($login, $authResult->getTokenAuth()));
 		$cookie->setSecure(Piwik::isHttps());
author	robocoder <anthon.pang@gmail.com>	2011-01-12 01:17:07 +0300
committer	robocoder <anthon.pang@gmail.com>	2011-01-12 01:17:07 +0300
commit	18c229b5289a3ef943c26beaafc59764864cb5d9 (patch)
tree	8fdfc950c1848a6d0d1787193aad28b6ed37768a /plugins/Login
parent	660f69f03cd403f07b4d9855d93ceb5289dff57e (diff)