I'm surprised that is actually working, since you never register $auth into
the session.
Anyhow, you probably want the session_destroy() function.
www.php.net/session_destroy
---John Holmes...
----- Original Message -----
From: "Pushpinder Singh Garcha" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 27, 2002 11:53 AM
Subject: [PHP] Session End
Hi
I am have created an authentication system, wherein the user is
authenticated on the basis of a MySQL database.
Here is the code
<?php
$auth = false; // Assume user is not authenticated
if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) {
// Connect to MySQL
mysql_pconnect( 'localhost', 'mysql', 'sunny' )
or die ( 'Unable to connect to server.' );
// Select database on MySQL server
mysql_select_db( 'testbed' )
or die ( 'Unable to select database.' );
// Formulate the query
$sql = "SELECT * FROM guest WHERE
login = '$PHP_AUTH_USER' AND
password = '$PHP_AUTH_PW'";
// Execute the query and put results in $result
$result = mysql_query( $sql )
or die ( 'Unable to execute query.' );
// Get number of rows in $result.
$num = mysql_numrows( $result );
if ( $num != 0 ) {
// A matching row was found - the user is authenticated.
$auth = true;
session_start();
}
}
if ( ! $auth ) {
header( 'WWW-Authenticate: Basic realm="Pushpinder Singh\'s World"'
);
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
echo '<P>You are authorized!</P>';
}
?>
However this keeps the user logged on. I want to be able to close the
session once the user has finished his work.
How do I do that??
Many Thanks
--pS
Pushpinder Singh Garcha
_________________________________
Web Architect
T. Falcon Napier and Associates, Inc.
Off : 704 987 6500
Cell : 704 236 2939
Fax : 704 987 5002
_________________________________
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
