Anybody know how to revoke the HTTP authentication, i.e. log people out, using PHP?
Cheers, -Morten --------------------------------------------------------------- Rayon Interactive AS http://www.rayon.no Morten Lerskau Rønseth mailto:[EMAIL PROTECTED] Karenslyst Allé 16d Tlf.: (47) 2213 5250 0278 Oslo Fax : (47) 2213 5260 Norway Mob.: (47) 9343 4357 > From: [EMAIL PROTECTED] > Date: Tue, 23 Apr 2002 20:43:23 +0200 > To: [EMAIL PROTECTED] > Subject: Re: [PHP] authentication > > At 23.04.2002 09:52, you wrote: >> >> I have one directory that is protected with an .htaccess file on my server >> where I store all member content. What I want to do is have a page where >> members can log in, and after they have entered there user name and password >> I what the php script to authenticate them against the .htaccess file. If >> they are authenticated I would like to keep track of that as one of there >> session variables, so that they do not have to re-authenticate when they try >> to access content in the protected directory. Essentially what I am trying >> to do is give them access to the .htaccess protected based from a "submit >> form". Instead of requiring that they get the standard user name and >> password pop up window that one gets when you try to access a directory that >> is password protected on Apache. > > > Why do you want to make such a hassle ?? > If you auth via Apache, then it´s a secure thing, as these vals where put > secure. > If you want people to access a hidden directory or a .htyccess closed dir, > you´ll send their user/pw combination plaintext, unless you use https. > Also, if they auth´ed one time, the browser will remember the data, until > it is closed. The auth-popup will be shown in the browsers language. > > If you want apache, to get scripts or data from a "secured" directory, > forget it > or include the apache user in the .htpasswd, but that´s not a good idea. > > HTH Oliver > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
