From bf5dcfd5cb8123180f8f7f353b57d8450d9c34f9 Mon Sep 17 00:00:00 2001
From: trendschau <trendschau@gmail.com>
Date: Mon, 25 Mar 2024 22:51:24 +0100
Subject: [PATCH] V2.3.3 fix error logout only if own user is deleted

---
 data/security/securitylog.txt                            | 1 +
 system/typemill/Controllers/ControllerApiSystemUsers.php | 4 +++-
 system/typemill/author/js/vue-user.js                    | 7 +++++--
 3 files changed, 9 insertions(+), 3 deletions(-)
 create mode 100644 data/security/securitylog.txt

diff --git a/data/security/securitylog.txt b/data/security/securitylog.txt
new file mode 100644
index 0000000..b4d0e61
--- /dev/null
+++ b/data/security/securitylog.txt
@@ -0,0 +1 @@
+127.0.0.1;2024-03-25 21:48:49;login: wrong password
diff --git a/system/typemill/Controllers/ControllerApiSystemUsers.php b/system/typemill/Controllers/ControllerApiSystemUsers.php
index a596aad..9bc189a 100644
--- a/system/typemill/Controllers/ControllerApiSystemUsers.php
+++ b/system/typemill/Controllers/ControllerApiSystemUsers.php
@@ -394,15 +394,17 @@ class ControllerApiSystemUsers extends Controller
 			return $response->withHeader('Content-Type', 'application/json')->withStatus(500);						
 		}
 
+		$logout = false;
 		# if user deleted his own account
 		if($username == $request->getAttribute('c_username'))
 		{
+			$logout = true;
 			Session::stopSession();
 		}
 
 		$response->getBody()->write(json_encode([
 			'message' 	=> Translations::translate('User deleted.'),
-			'logout' 	=> true
+			'logout' 	=> $logout
 		]));
 
 		return $response->withHeader('Content-Type', 'application/json');
diff --git a/system/typemill/author/js/vue-user.js b/system/typemill/author/js/vue-user.js
index 6113a84..fa160b5 100644
--- a/system/typemill/author/js/vue-user.js
+++ b/system/typemill/author/js/vue-user.js
@@ -115,11 +115,14 @@ const app = Vue.createApp({
 				self.showModal = false;
 				self.messageClass = 'bg-teal-500';
 				self.message = response.data.message;
-				if(response.data.logout !== undefined)
+				if(response.data.logout == true)
 				{
 					window.location.replace(data.urlinfo.baseurl + '/tm/logout');
 				}
-				window.location.replace(data.urlinfo.baseurl + '/tm/users');
+				else
+				{
+					window.location.replace(data.urlinfo.baseurl + '/tm/users');
+				}
 			})
 			.catch(function (error)
 			{