$PHP_AUTH_USER is filled in based on the value coming from the browser.
unsetting it in PHP makes no sense as the browser is simply going to set
it again on the next request.  There is no way to clear this from the
client-side short of changing the realm or denying the authentication with
a 403.


On Mon, 1 Oct 2001, Eric J Schwinder wrote:

> I used a pretty basic system to check HTTP authentication values against
> database values, but I can't seem to find a way to allow the user to log
> out.  I tried:
> unset($PHP_AUTH_USER)
> but Internet Explorer hangs on to that value until all browser windows are
> closed.  Is there any way around that?
> Thanks,
> Eric J Schwinder
> eric.AT.bergencomputing.DOT.com

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to