Do you need to expire the cookie when you leave the page? How about the following.
When they login, you send down a cookie. when they go to that page, you check the cookie they sent, but send out a new value for that cookie, invalidating it. So when they leave that page they send back your invalid cookie. When they go back to the page, they'll send the invalid cookie, and you can then prompt them to log in or whatever. You'll get the invalid cookie sent back for images on that page, but that usually isn't a problem. Steve Piner Ryan Parr wrote: > > I think I'm missing something... > > If you set a session cookie (i.e. one with no expiry time) then the cookie > will be deleted immediately upon browser close, forcing the user to login > again if they've closed their browser instance. > > If you don't use cookies and allow basic auth then the exact same behavior > is called, forcing the user to re-login only if they've closed that browser > instance. > > Is there someway to expire cookies on page leave, or is this the smartass > thing you were referring to? :) > > -- Ryan Parr > > ----- Original Message ----- > From: "Jon Robison" <[EMAIL PROTECTED]> > To: "Ron Beck" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Tuesday, February 12, 2002 12:28 PM > Subject: Re: Question... > > > Cookies! > > > > /me is in smartass mode today. > > > > --Jon > > > > Ron Beck wrote: > > > > > > Hello all, > > > I need to know how to clear the $ENV variables. For example, I use a > > > .htaccess file for specific directories which requires the user to enter > > > userID and password. When they exit the page, I want them to have to > > > re-enter userID and passwd if they enter the page again. Does anyone > > > know how this is accomplished? > > > > > > TIA, > > > Ron
