TavoxPeru 0 Report post Posted July 21, 2006 Hi, i'm developing a web application which obviously requires a log in/log out script that i just implementing but i dont know why the log out script dont work fine.The problem is related with the server variable $_SERVER['PHP_AUTH_USER'] which remains set even when in the log out script i unset it with the unset() function.Does someone knows how can i reset or clear the server variable $_SERVER['PHP_AUTH_USER']???Best regards, Share this post Link to post Share on other sites
vicky99 0 Report post Posted July 21, 2006 Dear TavoxPeruI could not understand the meaning of the message which you tried to convey. Did you turned on the safe mode in the PHP configuration file, php.ini. You can find it under Windows folder if you are using Microsoft Windows. By default safe mode is turned off. The PHP safe mode is an attempt to solve the shared-server security problem. If this does not solve you problem then you must specify the error you are getting. Till then bye… Share this post Link to post Share on other sites
Hercco 0 Report post Posted July 24, 2006 I'm guessing that server always sets the variable. Even if the user is not authenticated (ie. has not typed anme and password) it sets the variable to empty string.PHP itself gives a lot of liberties to the webserver regarding the _SERVER superglobal. In fact it allows to server to set none of the variables or set everything to empty or whatever. If you have access to the server configuration I'm sure you can change this behaviour. On the other hand, that wouldn't make for very portable code. My suggestion is that, instead of checked whether the variable is set, you check whether it's an empty string or not. You could use strlen for example. Share this post Link to post Share on other sites
Quatrux 4 Report post Posted July 24, 2006 Well, using a login script with PHP Auth isn't the best method, but I had this problem too, I just did a simple login for one customer, I would do it differently for myself, I couldn't understand how to logout, the Authentication using this kind of way is saved in your browser I guess and server side, I never got into it, even changing the password on the script didn't help, I think that variable is created because the browser sends a http request with it. Anyway, I prefer to use sessions with cookies. Share this post Link to post Share on other sites
TavoxPeru 0 Report post Posted July 27, 2006 Vicky99: No, i dont turned on the safe mode in the php config file, so i turn it on to check if this solve the problem but this dont solve it. Hercco: I will try your suggestion, i think it would work. Quatrux: If the suggestion made by Hercco dont work my last chance is to use sessions with cookies as you suggest. Thanks a lot, Share this post Link to post Share on other sites
TavoxPeru 0 Report post Posted August 24, 2006 (edited) Well, finally my client decide not to use this approach. What i do is simply change it to a standard login script using a form with a text box and a password box and all works very fine, so sorry dudes, i hope sometime i could complete this approach. For me, it is an incomplete task that i must finish soon.Best regards,PS: please admins let me know if i'm doing wrong when i post again and if the correct way was simply to include this in my previous post. Edited August 24, 2006 by TavoxPeru (see edit history) Share this post Link to post Share on other sites
Quatrux 4 Report post Posted August 24, 2006 the $_SERVER['PHP_AUTH_USER']; is always set because your browser sends a http request containing this, so I never really got deeper into this, but this is the right way it should work, even though I think there needs to be a solution, because you can log off from CPanel, but I think they know better how to control http requests and stuff and I don't think that CPanel is written with PHP. Share this post Link to post Share on other sites
minnieadkins 0 Report post Posted August 29, 2006 I encountered this as well. I reset the password instead of resetting the auth I believe. I think that worked for me since you need a valid combo of auth/pass for my script to work. Then as everyone else here stated I went with a standard input field login via post. Share this post Link to post Share on other sites
iGuest 3 Report post Posted March 10, 2008 I have same problem, Only close browser is the solution for that:) use window.Close () for the clear the sever variable. Share this post Link to post Share on other sites
iGuest 3 Report post Posted May 19, 2008 How To Reset The Server Variable Php_auth_user How To Reset The Server Variable Php_auth_user Simply in logout function you have to change the value of $_SERVER['PHP_AUTH_USER'];.And check again loin function. If user name will not matched that was set in $_SERVER['PHP_AUTH_USER'] variable automatically it will call header.(I have done it). -reply by sana ullah Share this post Link to post Share on other sites
iGuest 3 Report post Posted June 14, 2011 How To Reset The Server Variable Php_auth_userHi, Just put unset($_SERVER['PHP_AUTH_USER']); unset($_SERVER['PHP_AUTH_PW']);BEFORE THE AUTENTIFICATION CHECK! IT'S IMPORTANT, 'case else it doesn't work...-reply by CRISTI Share this post Link to post Share on other sites