[PHP] HTTP authentication - de authentication

Sat, 10 Aug 2002 08:01:48 -0700 

How does one logout from such an authentication? I know that through a
HTTP status code, but how exactly? Everything I tried allows the browser
to view the page info after "logout" if the user hits the back button.
The only way I found it works if the user closes the browser window, but
I can't make sure they do, so *how do I make sure they do?*

Is there a script to better de-autheticate from such an authentication
method, or to make the browser close the window?

// _______________ AUTHENTICATION SCRIPT _________________

$auth = false; 

if (isset($PHP_AUTH_USER) && isset($PHP_AUTH_PW)) { 

// Connect to MySQL 
mysql_connect( 'xxx', 'xxx', 'xxx' ) 
or die ( 'Unable to connect to server.' ); 

// Select database on MySQL server 
mysql_select_db( 'xxx' ) 
or die ( 'Unable to select database.' ); 
    
// Formulate the query 
$sql = "SELECT * FROM xxx 
WHERE user_id = '$PHP_AUTH_USER' 
AND password = PASSWORD('$PHP_AUTH_PW')"; 

// Execute the query and put results in $result 
$result = mysql_query( $sql ) 
or die ( 'Unable to execute query.' ); 

// Get number of rows in $result. 
$num = mysql_numrows( $result ); 

// A matching row was found - the user is authenticated. 
if ( $num != 0 ) { 

$auth = true;

// End do the check
}

//____________STOP AUTHETICATION SCRIPT EXAMPLE ______________


//_____________ LOGOUT SCRIP EXAMPLE ____________________

// the "logout" link would look like: 
//<a href="<?php echo($PHP_SELF);?>?logout=1">Logout</a>

if (isset($logout)) { 
header('status: 401 Unauthorized'); 
header('WWW-Authenticate: Basic realm="Private"'); 
header('HTTP/1.0 403 Forbidden'); 
echo ('You have successfully logged out.');
?>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_goToURL() { //v3.0
  var i, args=MM_goToURL.arguments; document.MM_returnValue = false;
  for (i=0; i<(args.length-1); i+=2)
eval(args[i]+".location='"+args[i+1]+"'");
}
//-->
</script>
<?php
exit();
}

- Vic



______________________________________________________________________ 
Post your ad for free now! http://personals.yahoo.ca

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to