--- a/web/common.php Mon Nov 25 22:28:08 2013 +0100
+++ b/web/common.php Tue Nov 26 01:18:39 2013 +0100
@@ -407,16 +407,28 @@
$realm = 'Polemictweet restricted area';
+/*function authenticate($users, $translate) {
+ if (!isset($_SESSION['user_id']))
+ {
+ // Fetch current URL
+ $this_url = $_SERVER['REQUEST_URI'];
+
+ // Redirect to login page passing current URL
+ header('Location: login.php?return_url=' . urlencode($this_url));
+ exit;
+ }
+}*/
+
function authenticate($users, $translate) {
global $realm;
- if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
+
+ if (empty($_SERVER['PHP_AUTH_DIGEST']) || !isset($_SESSION['http_digest_nonce'])) {
$_SESSION['http_digest_nonce'] = uniqid();
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Digest realm="'.$realm.
'",qop="auth",nonce="'.$_SESSION['http_digest_nonce'].'",opaque="'.md5($realm).'"');
-
return array('error' => $translate->_('This area is restricted, please authenticate'));
}
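Review bot: The nonce issued at `$_SESSION['http_digest_nonce'] = uniqid();` is derived from the current microtime, so it is guessable rather than random; a Digest challenge nonce should come from a CSPRNG, e.g. `$_SESSION['http_digest_nonce'] = bin2hex(random_bytes(16));` (or `bin2hex(openssl_random_pseudo_bytes(16))` on pre-7 PHP). The same nonce is then kept for the life of the session with no expiry and no `nc` tracking, so a captured Authorization header remains accepted until logout; the usual mitigation is a timestamped nonce that is rejected (and re-challenged with `stale=true`) after a short window. The block commented out at the top of the hunk (the session/redirect variant of authenticate) should be deleted rather than left as a comment, since the live function below is the one that defines the behaviour. authenticate() continues past the end of this hunk, where `$valid_response` is computed — confirm that computation uses `$_SESSION['http_digest_nonce']` and not the client-supplied `$data['nonce']`, otherwise the new `!isset($_SESSION['http_digest_nonce'])` test adds nothing.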
@@ -425,6 +437,8 @@
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) ||
!isset($users[$data['username']])) {
$_SERVER['PHP_AUTH_DIGEST'] = '';
+ unset($_SESSION['auth']);
+ unset($_SESSION['http_digest_nonce']);
return array('error' => $translate->_('Wrong Credentials!'));
}
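Review bot: The failure cleanup added here (the existing `$_SERVER['PHP_AUTH_DIGEST'] = '';` followed by the two new `unset`s) is repeated in the next hunk in the opposite order, and again without the `$_SERVER` reset in logout(); a single helper such as `function clear_digest_auth() { $_SERVER['PHP_AUTH_DIGEST'] = ''; unset($_SESSION['auth'], $_SESSION['http_digest_nonce']); }` called from all three places would keep them consistent. This branch returns the error body without re-sending the 401 challenge, so the client is only re-challenged on its next request when authenticate() sees the missing session nonce; that looks intentional but deserves a one-line comment such as `// nonce dropped: next request will be re-challenged`. The enclosing function starts and ends outside this hunk.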
@@ -436,20 +450,21 @@
if ($data['response'] != $valid_response) {
$_SERVER['PHP_AUTH_DIGEST'] = '';
+ unset($_SESSION['http_digest_nonce']);
+ unset($_SESSION['auth']);
return array('error' => $translate->_('Wrong Credentials!'));
}
// ok, valid username & password
- $_SESSION['auth'] = $data;
+ $_SESSION['auth'] = $data['username'];
return $data;
}
function logout() {
global $realm;
- $_SESSION['auth'] = null;
- header('HTTP/1.1 401 Unauthorized');
- header('WWW-Authenticate: Digest realm="'.$realm.'",qop="auth",nonce="'.$_SESSION['http_digest_nonce'].'",opaque="'.md5($realm).'"');
+ unset($_SESSION['auth']);
+ unset($_SESSION['http_digest_nonce']);
}
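Review bot: The credential check directly above the new cleanup, `if ($data['response'] != $valid_response)`, compares two hex digests with loose `!=`, which treats numeric-looking strings (digests of the form `0e…`) as equal numbers and short-circuits on the first differing byte; `if (!hash_equals($valid_response, $data['response']))` (PHP 5.6+) is both strict and constant-time. Changing `$_SESSION['auth']` from the parsed digest array to the bare username changes the shape of that session value for every reader outside this diff, so any code doing `$_SESSION['auth']['username']` needs to be updated alongside this commit. The rewritten logout() now only clears server-side state and no longer sends a 401; browsers cache Digest credentials per realm, so the next authenticate() call will issue a fresh challenge that the browser can presumably answer without prompting, and the user is likely signed straight back in — if a real sign-out is intended, the realm or the session id has to change too, and that expectation should be stated in a comment on logout(). authenticate() begins outside this hunk.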