You can't unset $PHP_AUTH_USER. Well, you can, but your browser sends it
on each connection and it gets re-established. There is no way to
effectively log out using http authentication unless you change the realm
or otherwise force a 403 again.
-Rasmus
On Tue, 3 Apr 2001, Adrian Murphy wrote:
> I use a login script with the header() function and $PHP_AUTH_USER etc.
> the problem is once i've logged in once ,i refresh the page i stay logged
> in.
> i want to do testing with different privileges so i want to be asked for a
> username
> and password each time i've refreshed the page.I thought
> unset($PHP_AUTH_USER)
> right after i check the db would work but it doesn't.I've also tried
> varieties of ways
> to avoid caching the page as well but nothing seems to work.this i know is a
> damn simple problem.
> but it's driving me a bit nuts.i even tried emptying my temp internet files
> but to no avail.
> what's going on?
> thanx
> a
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
