how secure is either method? the form method would be more secure if it
was done over https correct?
tonyz
Martín marqués wrote:
>
> On Lun 01 Oct 2001 19:36, you wrote:
> > I used a pretty basic system to check HTTP authentication values against
> > database values, but I can't seem to find a
$PHP_AUTH_USER is filled in based on the value coming from the browser.
unsetting it in PHP makes no sense as the browser is simply going to set
it again on the next request. There is no way to clear this from the
client-side short of changing the realm or denying the authentication with
a 403.
2 matches
Mail list logo
