On Fri, 3 Oct 2003, Marek Kilimajer wrote:
> > thing that I can not find anywhere is how to code it so a user can click logoff
> > and have it route them to another page and remove their authentication that was
> > set.
> it is virtualy impossible to make the browser forget the credentials.
It can be done in few ways, but IIRC none of them
is guaranteed to work with _every_ browser. Simplest one
is to use a new IE6 (SP1) feature by calling javascript:
-cut-
<a href="#" onclick="
document.execCommand('ClearAuthenticationCache');
alert('You have been logged out!');
">Logout</a>
-cut-
This of course is quite useless sinse it only works with
IE6.
A second way would be to overwrite the cached credentials with
fake ones. For that you would need to do another .htaccess
protected directory. Lets call it /logout/. You create the
.htaccess and .htpasswd file. Create user 'fake' with
password 'fake' (only for this directory).
Then you would create a logout link with:
-cut-
<a href="http://fake:[EMAIL PROTECTED]/logout/">Logout</a>
-cut-
This should overwrite the credentials with most browser, but
again is not guaranteed to work with every browser.
--
Mika Tuupola http://www.appelsiini.net/~tuupola/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
