Logging out a user?

Anon

The PHP Manual saysthat "Both Netscape and Internet Explorer will clear the local browser window's authentication cache for the realm upon receiving a server response of 401. This can effectively "log out" a user, forcing them to re-enter their username and password."

However, they comment the example code provided as "This behavior is not required by the HTTP Basic authentication standard, so you should never depend on this."

Is there a way to log out a user more effectively?

Thanks,
Holden

Anon

I use cookies to hold the authentication info for my users, and when logging them out, I simply reset the cookies:

// unset cookies
setcookie("cookie_user","");
setcookie("cookie_pw","");

// redirect to login page, or wherever
header("Location:http://$HTTP_HOST/$DOCROOT/default.html");
exit();

Anon

to log out a user, set:
$PHP_AUTH_USER = "";

Anon

Hi Chris

This doesn't seem to do anything permanent.. Is it supposed to log out a user for good or just that page?

thanks

Justin
www.thewallpaperking.com