<?php
if (!defined('SVRJS_MOD_DIRECTORY')) die;

$redirected = false;
$redirect = null;
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['redirect']) && strlen($_POST['redirect']) > 0 && $_POST['redirect'][0] == "/" && (strlen($_POST['redirect']) == 1 || $_POST['redirect'][1] != "/")) {
  $redirect = $_POST['redirect'];
} elseif (isset($_GET['redirect']) && strlen($_GET['redirect']) > 0 && $_GET['redirect'][0] == "/" && (strlen($_GET['redirect']) == 1 || $_GET['redirect'][1] != "/")) {
  $redirect = $_GET['redirect'];
}

if (isset($_SESSION['user']) && $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['_csrf']) && $_POST['_csrf'] == $_SESSION['csrf']) {
  unset($_SESSION['user']);
  session_regenerate_id(true);
}

header('Location: ' . ($redirect ? $redirect : APP_ROOT));
http_response_code(302);