how can i unset server vars

xnor82

how can i unset $_SERVER vars?.

PHP_AUTH_USER and PHP_AUTH_PW

codeDV

I have tried this before. The only way to do this is by logging the user off. I think that the credentials are stored somewhere on the clients machine and are not wiped untl the user has logged off.

xnor82

what u mean by saying logging off.
is it mean restarting browser. (when it restarts vars unsets)

xblue

I haven't done this, but

Both Netscape Navigator and Internet Explorer will clear the local browser window's authentication cache for the realm upon receiving a server response of 401. This can effectively "log out" a user, forcing them to re-enter their username and password. Some people use this to "time out" logins, or provide a "log-out" button.

http://www.php.net/manual/en/features.http-auth.php
there is an example as well (but read the warnings below that, too).

xnor82

there is no answer to my question in URL that xblue gave

codeDV

The answer is there. You just cannot unset authenication variables becuase they are stored with the client. You can however send HTTP headers which tell the browser that it should delete the credentials.

You can always you the built in PHP sessions, which are a lot more powerful.