Add nonce to the logout link

[ozh]

The logout link doesn't check for a nonce, see:

YOURLS/admin/admin-ajax.php

Lines 43 to 46 in 42fd3b8

	case 'logout':
	// unused for the moment
	yourls_logout();
	break;

A mean hax0r can trick a naive user into logging out themselves if they're redirected to http://their-your.ls/admin/index.php?action=logout.

Definitely not a big deal, but also trivial to fix.

[lenny-lam]

Looks interesting. I would like to have a look at it.

[ozh]

(I'll add that, of course, this should be covered with a proper unit test)