the security assist logout page uses the Clear Session Value behavior from Cookies toolkit, if cookies toolkit is not installed, the clear session value code may not be added to the page.
add the following at line 1 of the logout page:
<?php
if (!isset($_SESSION)) {
session_start();
}
?><?php
if ("" == ""){
// WA_ClearSession
$clearAll = TRUE;
$clearThese = explode(",","");
if($clearAll){
foreach ($_SESSION as $key => $value){
unset($_SESSION[$key]);
}
}
else{
foreach($clearThese as $value){
unset($_SESSION[$value]);
}
}
}
?>