--- loncom/auth/lonlogout.pm	2006/09/05 20:16:49	1.21
+++ loncom/auth/lonlogout.pm	2007/03/01 23:14:12	1.25
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Logout Handler
 #
-# $Id: lonlogout.pm,v 1.21 2006/09/05 20:16:49 albertel Exp $
+# $Id: lonlogout.pm,v 1.25 2007/03/01 23:14:12 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -49,8 +49,7 @@ sub handler {
     }
 
     #check if cookie still valid
-    my $handle=$lonid->value;
-    $handle=~s/\W//g;
+    my $handle=&LONCAPA::clean_handle($lonid->value);
     my $lonidsdir=$r->dir_config('lonIDsDir');
     if ((!-e "$lonidsdir/$handle.id") || ($handle eq '')) {
 	$r->log_reason("Cookie $handle not valid", $r->filename); 
@@ -67,7 +66,15 @@ sub handler {
 			 $env{'user.name'},
 			 $env{'user.home'},
 			 "Logout $ENV{'REMOTE_ADDR'}");
+
     &Apache::loncommon::content_type($r,'text/html');
+
+    #expire the cookie
+    my $c = new CGI::Cookie(-name    => 'lonID',
+			    -value   => '',
+			    -expires => '-10y',);
+    $r->header_out('Set-cookie' => $c);
+
     $r->send_http_header;
     return OK if $r->header_only;
 # -------------------------------------------------------- Menu script and info
@@ -92,9 +99,13 @@ sub handler {
 					   'li' => 'log in again',
 					   'pe' => 'Please either',
 					   'or' => 'or');
-	my $login_url = '/adm/'.($env{'request.sso.login'} ? 'roles' 
-                                                           : 'login');
-	
+        my $relogin_server;
+        if ($env{'request.sso.reloginserver'}) {
+            $relogin_server = $env{'request.sso.reloginserver'};
+        }
+	my $login_url = $relogin_server.'/adm/'.
+                        ($env{'request.sso.login'} ? 'roles': 'login');
+ 
 	$relogmessage=(<<ENDRELOG);
 	<h1>$lt{'gb'}!</h1>
 	    $lt{'pe'} <a href="javascript:self.close();">$lt{'cw'}</a> $lt{'or'}