Link to home
Start Free TrialLog in
Avatar of Mark
Mark

asked on

Why is this happening

Trying to do a "logout" while being authenticated via "htaccess" authorization:

The code works however I have to click logout.php twice....

The first time I click it, it just redirects to /crm, the second time I click it, it works (shows an authentication box)

Script: logout.php
<?php

	session_start();
	
	if ($_SESSION['logout']) {
		$_SESSION['logout'] = false;
		header('Location: /crm/');
	}
	
	else {
		header('HTTP/1.0 401 Unauthorised');
		header('WWW-Authenticate: Basic realm="Employee and Agents Only"');
		$_SESSION['logout'] = true;
	}
	// Set "escape" (message when you hit escape) message here.
	echo "Logged out. <a href='/crm'>Return to CRM</a>";

?>

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Mark
Mark

ASKER

I am using HTTP Basic Authentication. The directory where logout.php is located is protected by the Basic Authentication.

I am trying to provide a "logout" mechanism, the snippet I supplied came from the web. It works, however I have to click logout.php twice (call logout.php twice) before it works.

Perhaps you have a better option?

Changing from HTTP Basic Authentication is not an option in this case
Sorry, but I'm at the PHP[World] conference all this week and don't have enough time to delve into the details of this problem, so I can't give you the timely answer you deserve.  You might want to engage the services of a professional programmer who can get hands-on in the code and make direct tests on your server.