Re: [PHP] HTTP authentication : logout!!!

Tue, 08 May 2001 12:57:21 -0700 


Cool, you have found another way!
So the realm make diference? A user loged in a realm isn't the same in
other realm? Very cool...
Explain better your solution to us.

Regards,

Don Read wrote:
> 
> On 07-May-01 Mauricio Souza Lima wrote:
> <snip>
> > And you have to inform the user to clean the password field, click ok,
> > then the pop-up will open again, then user click in cancel.
> >
> > I just know that way to do. If anyone know another way, Postit!
> >
> 
> create a tmp directory
> 
> --------
> logoff.php3:
> 
> require('secure.php3');
>     authuser("Logoff"); // validate user (possible Dos attack here)
> 
>     $fname="tmp/$PHP_AUTH_USER";
>     touch($fname);
>     Header("Location: http://www.mydomain.com/index.html";);
> 
> ---------
> 
> secure.php3:
> 
> function checklogin($user,$pass='',$realm='') {
>     if (! dbInit()) {
>         echo "\n\n<BODY><CENTER>";
>         die("<P><H2>Unable to contact database server</H2>");
>     }
> 
>     $fname="tmp/$user";
>     if (file_exists($fname)) {
>         unlink($fname);
>         return(false);
>     }
>     $query="select login from users
>       where login='$user' and password=PASSWORD('$pass')";
>     // echo $query .'<BR>';
>     $result = mysql_query( $query);
>     $row = mysql_fetch_object($result);
>     if ($row) {
>         return(true);
>     }
>     return(false);
> }
> 
> function authheader($realm) {
>     Header('WWW-authenticate: basic realm="'.$realm .'"');
>     Header('HTTP/1.0 401 Unauthorized');
>     echo "\n\n";
> }
> 
> function authuser($realm='Access') {
>     global $PHP_AUTH_USER, $PHP_AUTH_PW;
> 
>     if (! (isset($PHP_AUTH_USER)) ) {
>         authheader($realm);
>         exit;
>     }
>     if (! (checklogin($PHP_AUTH_USER, $PHP_AUTH_PW, $realm)) ) {
>         authheader($realm);
>         echo '<CENTER>Failed Login';
>         exit;
>     }
> }
> 
> Regards,
> --
> Don Read                                       [EMAIL PROTECTED]
> -- It's always darkest before the dawn. So if you are going to
>    steal the neighbor's newspaper, that's the time to do it.

-- 
Mauricio Souza Lima
Programador - Catho ONLINE
[EMAIL PROTECTED] www.catho.com.br
[EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to