[PHP] .htaccess logout sequence
Hi All. I have a query which has confused me a bit. I have a database setup where I use htaccess (using apache/php/mysql on a freebsd 3.4 box) to grant access, then it grabs the users info from the database, sets a cookie and pretty much lets the system know whos doing what on the db. What I do want to do however is have the facility to have a logout option where it ditches all info about the current logged in user, fires them back to the start of the system and re-requests the htaccess login window. My past attempts have failed miserably so I thought I would ask around and see if anyone else has had any success (without changing to a different method of auth :) Cheers Chris Chris Aitken - Webmaster/Database Designer - IDEAL Internet email: [EMAIL PROTECTED] phone: +61 2 4628 fax: +61 2 4628 8890 If the foo shits, call your sysadmin
AW: [PHP] .htaccess logout sequence
the key to logout is the realmname. the browser will always send password etc again to the same realm as long as you don't close it. extend the realmname by a random number or timestamp and store it in a session or wherever. to logout change that realmname... sebastian > -Ursprungliche Nachricht- > Von: Chris Aitken [mailto:[EMAIL PROTECTED]] > Gesendet: Mittwoch, 20. Juni 2001 05:53 > An: [EMAIL PROTECTED] > Betreff: [PHP] .htaccess logout sequence > > > Hi All. > > > I have a query which has confused me a bit. I have a database > setup where I > use htaccess (using apache/php/mysql on a freebsd 3.4 box) to > grant access, > then it grabs the users info from the database, sets a cookie > and pretty > much lets the system know whos doing what on the db. > > What I do want to do however is have the facility to have a > logout option > where it ditches all info about the current logged in user, > fires them back > to the start of the system and re-requests the htaccess login window. > > My past attempts have failed miserably so I thought I would > ask around and > see if anyone else has had any success (without changing to a > different > method of auth :) > > > Cheers > > > Chris > > > >Chris Aitken - Webmaster/Database Designer - IDEAL Internet > email: [EMAIL PROTECTED] phone: +61 2 4628 fax: +61 2 > 4628 8890 > > > If the foo shits, call your sysadmin >
RE: [PHP] .htaccess logout sequence
On 20-Jun-01 Chris Aitken wrote: > Hi All. > > > I have a query which has confused me a bit. I have a database setup where I > use htaccess (using apache/php/mysql on a freebsd 3.4 box) to grant access, > then it grabs the users info from the database, sets a cookie and pretty > much lets the system know whos doing what on the db. > > What I do want to do however is have the facility to have a logout option > where it ditches all info about the current logged in user, fires them back > to the start of the system and re-requests the htaccess login window. > > My past attempts have failed miserably so I thought I would ask around and > see if anyone else has had any success (without changing to a different > method of auth :) > The problem is Apache sucking the user/passwd for validation before your script runs. Redirect to a 401 page that is outside of any .htaccess directories. Regards, -- Don Read [EMAIL PROTECTED] -- It's always darkest before the dawn. So if you are going to steal the neighbor's newspaper, that's the time to do it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]