> From: "Mark Collin" <[EMAIL PROTECTED]>
>
> Does anybody have any ideas on how I can prevent caching of
> $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'], or clear them?
You can't clear them; they're sent by the browser. It'll keep resending the same
values and you're script will authenticate. Only way to get rid of it is to close the
browser.
You could attempt to force the user to log with a known bad username and password by
using a link or header redirect.
header('Location: http://username:[EMAIL PROTECTED]');
Your login script should check for these known values and can react accordingly. You
know they are bad, so you can either present them with another dialog to log back in
or you can just not send any authentication headers and show them a "successfully
logged out" page.
---John Holmes...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
