refs #5863 fix remove user session

debian/changelog

@@ -1,4 +1,4 @@
-hedera-web (23.6.17) stable; urgency=low
+hedera-web (23.6.18) stable; urgency=low
 
   * Initial Release.
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "hedera-web",
-  "version": "23.6.17",
+  "version": "23.6.18",
   "description": "Verdnatura web page",
   "license": "GPL-3.0",
   "repository": {

web/service.php

@@ -150,9 +150,6 @@ abstract class Service {
 		if (!empty($_GET['access_token']))
 			$token = $_GET['access_token'];
 
-		error_log("Start login logs\n");
-		error_log("_SERVER_HTTP_AUTHORIZATION: " . $_SERVER['HTTP_AUTHORIZATION'] . " _GET_Access_token: " . $_GET['access_token'] . "EndLine\n");
-
 		if (isset($token)) {
 			$userId = $db->getValue(
 				'SELECT userId FROM salix.AccessToken
@@ -161,8 +158,10 @@ abstract class Service {
 				[$token]
 			);
 
-			if (!$userId)
+			if (!$userId) {
+				$_SESSION['user'] = null;
 				throw new SessionExpiredException();
+			}
 
 			$anonymousUser = FALSE;
 			$user = $db->getValue(
@@ -178,11 +177,12 @@ abstract class Service {
 				[$user]
 			);
 
-			if (!$isActive)
+			if (!$isActive) {
+				$_SESSION['user'] = null;
 				throw new UserDisabledException();
+			}
 		}
 
-		error_log("user: " . $user . "EndLine\n");
 		$db->query('CALL account.myUser_loginWithName(#)', [$user]);
 
 		$userChanged = !$anonymousUser
@@ -191,8 +191,6 @@ abstract class Service {
 		$_SESSION['user'] = $user;
 
 		// Registering the user access
-		error_log("SESSION_Access: " . $_SESSION['access'] . " _userChanged: " . $userChanged . " _SESSION_User: " . $_SESSION['user'] . "EndLine\n");
-		error_log("End login logs\n");
 		if (isset($_SESSION['access']) && $userChanged)
 			$db->query(
 				'CALL visitUser_new(#, #)',