[thelist] some session info not destroyed on logout from siteusingPEAR Auth

[Max Schwanekamp]

> From: Anthony Baratta 
> > log in with different user credentials, they still appear 
> to be logged 
> > in to the account they previously logged in with.
> 
> This is a guess, but it sounds like the login page does not 
> over-write existing cookies or session info when the login 
> process is activated. Instead it's accepting any existing data.

I'd also suggest double-checking if the page is being cached by the browser.

-- 
Max Schwanekamp
http://www.neptunewebworks.com/