From 5733d087455a2d2d7c87f88a3cfbf2ac452ecfae Mon Sep 17 00:00:00 2001
From: Rob Gill <rrobgill@protonmail.com>
Date: Thu, 10 May 2018 08:54:44 +1000
Subject: [PATCH] Remove invalid cookie

If cookie is invalid, it is cleared from the browser before continuing
---
 scripts/pi-hole/php/password.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/scripts/pi-hole/php/password.php b/scripts/pi-hole/php/password.php
index 9718df56..3dc58e2a 100644
--- a/scripts/pi-hole/php/password.php
+++ b/scripts/pi-hole/php/password.php
@@ -43,9 +43,14 @@
         if (isset($_COOKIE["persistentlogin"]))
         {
             if ($pwhash = $_COOKIE["persistentlogin"])
-                $auth = true;
+	    {	$auth = true;
 		// Refresh cookie with new expiry
                 setcookie('persistentlogin', $pwhash, time()+60*60*24*7);
+	    else 
+		// Invalid cookie 
+		$auth = false;
+		setcookie('persistentlogin', '');
+	    }
         }
         // Compare doubly hashes password input with saved hash
         else if(isset($_POST["pw"]))