portal123
asked on
Remove $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']
Hello, when I get to logout page, I'd like to remove $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']
How can I get it?
How can I get it?
unset does not work in this case. You have to send headers to reauth the user, so the remote browser know the credentials are no longer valid , but tat will be very confusing for the enduser
function authenticate() {
header('WWW-Authenticate: Basic realm="Test Authentication System"');
header('HTTP/1.0 401 Unauthorized');
echo "You must enter a valid login ID and password to access this resource\n";
exit;
}
Why do you want to unauth the user in that case?
function authenticate() {
header('WWW-Authenticate: Basic realm="Test Authentication System"');
header('HTTP/1.0 401 Unauthorized');
echo "You must enter a valid login ID and password to access this resource\n";
exit;
}
Why do you want to unauth the user in that case?
why not use $_SESSION variables to authenticate, you can't unset $_SERVER variables.
ASKER
Hello, guys.
unset does not work.
To hernst42, Reason what i unauth is when a user can access to admin pages again he can get in there without id,password.
To nplib, this is for mobile site and some mobile browers do not accept session variables. $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_USER'] are OK on them.
Thanks,portal
unset does not work.
To hernst42, Reason what i unauth is when a user can access to admin pages again he can get in there without id,password.
To nplib, this is for mobile site and some mobile browers do not accept session variables. $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_USER'] are OK on them.
Thanks,portal
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks
unset($_SERVER['PHP_AUTH_P