At 03:11 PM 3/4/01 -0600, Don Read wrote:
>On 04-Mar-01 Ken wrote:
> > I know about the auth logout. Unfortunately, that means that when a user
> > clicks "logout", he gets a "log in" prompt! And, in IE, he has to
> > deliberately blank out the password field, THEN hit enter, THEN the prompt
> > will come again, and he has to hit escape.
>
>I'm still playing with this but ...
>
>My script handles the authentication against a MySQL table;
>and this might (probably) have to get tweaked to play well with .htaccess
>
>The logout script creates a "mark" (tmpfile, db entry, whatever)
>then redirects to a non-protected page.
My script does something very similar, but it's more advanced than that, because it
handles these various scenarios:
- Someone clicks "logout", then closes browser, then starts new browser and logs in as
same of different user
- Someone clicks "logout", then tries to log in again as same or different user
- Someone just closes browser, without clicking "logout"
This would all work perfectly if it weren't for IE5.5 completely refusing to behave
like it has closed when it has closed. So I have to require IE5.5 users to click
logout, which is really no good.
Your script suffers the same problem: An IE5.5 user in the 3rd scenario would just get
logged right back on without being prompted.
- Ken
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
