Use POST instead of GET for logging out (#13022).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11289 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2013-01-30 17:34:48 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2013-01-30 17:34:48 +0000
commit: f2fd78f7b868c184e4ab2058e41a27043640843a (patch)
tree: 5fa1f049587fa5dd2f0cced7caed3f8a7bdbf8e1 /app/controllers
parent: 41faf7f5f54441a2f0ace22d5e40a0bd527a7885 (diff)
download: redmine-f2fd78f7b868c184e4ab2058e41a27043640843a.tar.gz
redmine-f2fd78f7b868c184e4ab2058e41a27043640843a.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 281e44b82..a89c22373 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -38,8 +38,13 @@ class AccountController < ApplicationController
 
   # Log out current user and redirect to welcome page
   def logout
-    logout_user
-    redirect_to home_url
+    if User.current.anonymous?
+      redirect_to home_url
+    elsif request.post?
+      logout_user
+      redirect_to home_url
+    end
+    # display the logout form
   end
 
   # Lets user choose a new password
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2013-01-30 17:34:48 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2013-01-30 17:34:48 +0000
commit	f2fd78f7b868c184e4ab2058e41a27043640843a (patch)
tree	5fa1f049587fa5dd2f0cced7caed3f8a7bdbf8e1 /app/controllers
parent	41faf7f5f54441a2f0ace22d5e40a0bd527a7885 (diff)
download	redmine-f2fd78f7b868c184e4ab2058e41a27043640843a.tar.gz redmine-f2fd78f7b868c184e4ab2058e41a27043640843a.zip