2005/12/15, Max Yu <yu_max@xxxxxxxxx>: > We run apache 2.0.52 on Fedora Core 3. After log out, the userid > and password are stored in $PHP_AUTH_USER and $PHP_AUTH_PW, > unless close the browser completely. It can be automatically > relogin if click the login bottun again. So we have to set up > login in twice to prevent illegal login. > > So how to unset $PHP_AUTH_USER and $PHP_AUTH_PW when logout, so > user doesn't need to close the browser? Hi, This problem comes from PHP and not from Apache. These variables are stored on the browser. You must create a session (if it is not already done) and to destroy it : session_detroy(); See this : http://www.php.net/manual/en/features.http-auth.php And read sample code. There are many examples to login/logout This one works with IE6 and FireFox : http://www.php.net/manual/en/features.http-auth.php#51399 -- nico --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|