On 08-May-01 Mauricio Souza Lima wrote:
>
> Cool, you have found another way!
> So the realm make diference? A user loged in a realm isn't the same in
> other realm? Very cool...
Not quite, the realm is a string to present to the login dialog box
it has no effect on the credentials in this example.
But you could code such a thing.
> Explain better your solution to us.
>
'Kay
>
>> --------
>> logoff.php3:
>>
>> $fname="tmp/$PHP_AUTH_USER";
>> touch($fname);
create a lockfile tmp/loginname
>> Header("Location: http://www.mydomain.com/index.html");
& send them to a non-protected page.
>>
>> secure.php3:
>>
>> function checklogin($user,$pass='',$realm='') {
>>
here $realm is some unused glue for orthagonal function() calls
>> $fname="tmp/$user";
>> if (file_exists($fname)) {
check if tmp/loginname exists
>> unlink($fname); // delete it
>> return(false);
>> }
if we got this far, they either
1. didn't hit logoff
2. they did and already got the 401-(Re)Authenticate
>> $query="select login from users
>> where login='$user' and password=PASSWORD('$pass')";
>> // echo $query .'<BR>';
>> $result = mysql_query( $query);
>> $row = mysql_fetch_object($result);
>> if ($row) {
>> return(true);
>> }
>> return(false);
>> }
>>
Basically it's a spin-lock file that is checked on login ... could just as
easily be done as a shared semaphore, DB entry, whatever.
Regards,
--
Don Read [EMAIL PROTECTED]
-- It's always darkest before the dawn. So if you are going to
steal the neighbor's newspaper, that's the time to do it.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]