Hi,
when the "visitor" of my page starts an event, i want him to log out without this button "log out". the user has logged on with the http header and registering PHP_AUTH_USER and PHP_AUTH_PW, also a session variable, defining if he is logged in (called $_SESSION['logged'] -
finally i unset
unset $SESSION['logged'];
unset $SERVER['PHP_AUTH_USER'];
unset $_SERVER['PHP_AUTH_PW'];
and finally session_destroy();
no of these values is hold in the session (it does not exist anymore) - fine. But somewhere, i donĀ“t know where, the PHP_AUTH_USER and PHP_AUTH_PW is kept??? If i go on the first page where normally the user is asked for his USER and PW - and after this the variable $_SESSION['logged'] is registered - i am not asked for the user/pw anymore - and i am directed to the next page.
It seemed that unsetting the $SESSION varibles, the $SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] is not enough! How can i relize a "forced logout?
Cheeres
Mike
