Encryption changes

functions.php

@@ -369,12 +369,13 @@ function generateUserSessionKey($site_encryption_master_key){
 
     //Give the user "their" key as a cookie
     //By default, this should be HTTPS but we can change to HTTP for development via the config.php file
+    include('config.php');
     if($config_https_only){
         setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/", "", "true", "true");
     }
     else{
         setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/");
-        $_SESSION['alert_message'] = "Unencrypted connection: Using HTTP only.";
+        $_SESSION['alert_message'] = "Unencrypted connection flag set: Using non-secure cookies.";
     }
 }
 

post.php

@@ -6565,11 +6565,12 @@ if(isset($_GET['logout'])){
     mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Logout', log_action = 'Success', log_description = '$session_name logged out', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id");
 
     session_start();
-    session_destroy();
 
+    setcookie("user_encryption_session_key", '', time() - 3600, "/");
     unset($_COOKIE['user_encryption_session_key']);
-    setcookie("user_encryption_session_key", '', time() - 3600, "/", "", "true", "true");
 
+    session_unset();
+    session_destroy();
 
     header('Location: login.php');
 }