make sure deauthenticate function is called if session times out

Change-Id: Ibf4c6d8d08dbea4f4d29d3fdaea534be48225358

PluggableAuth.class.php

@@ -53,8 +53,20 @@ abstract class PluggableAuth {
 			if ( isset( $_SESSION['LAST_ACTIVITY'] ) &&
 				( $time - $_SESSION['LAST_ACTIVITY'] >
 					$GLOBALS['PluggableAuth_Timeout'] ) ) {
-				session_unset();
-				session_destroy();
+				$session_variable = wfWikiID() . "_userid";
+				if ( array_key_exists( $session_variable, $_SESSION ) ) {
+					$user->mId = $_SESSION[$session_variable];
+					if ( $user->loadFromDatabase() ) {
+						$user->saveToCache();
+						self::logout( $user );
+					} else{
+						session_unset();
+						session_destroy();
+					}
+				} else {
+					session_unset();
+					session_destroy();
+				}
 				wfDebug( "Session timed out." );
 			}
 			$_SESSION['LAST_ACTIVITY'] = $time;

PluggableAuth.php

@@ -29,7 +29,7 @@ if ( !defined( 'MEDIAWIKI' ) ) {
 $GLOBALS['wgExtensionCredits']['other'][] = array (
 	'path' => __FILE__,
 	'name' => 'PluggableAuth',
-	'version' => '1.0',
+	'version' => '1.1',
 	'author' => array(
 		'[https://www.mediawiki.org/wiki/User:Cindy.cicalese Cindy Cicalese]'
 	),