GHaider@xxxxxxxxxx wrote:
In the html headers, the server sees the clients OS, user agent, IP address etc. Is there a way on a local LAN a server might be able to know the username of the client that sends a request?
I've checked all $_SERVER variables, PHP_AUTH_USER etc require the auth box to be displayed. I'm thinking it might be possible to know which user is logged in when the request is made, possibly by using COM or even (gasp) .NET, without having to ask the user his username.
Any ideas if this can be accomplished at all?
Right now we have Firefox clients and Apache with PHP in an Active Directory domain with NT4 compatibility, but we can move to IE6 with IIS+PHP if that will work.
This isn't possible with php on its own (would be deep impact into your privacy if it could, wouldn't it?). So you've got 2 choices:
switch to IE and use a security hole :>
Or just stay with the better browser and write a little extension.
The easiest way should be a little extensions, that checks if the url of your site is opened and if it is, fills a hidden field with the username. Or even easier: an extension, that sets a cookie for your site with the username as its content.
extensions aren't that hard to write, for they are just javascript.
greetings, Christian
-- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
