Posted by Richard Davey on 01/20/06 16:33

On 20 Jan 2006, at 14:24, David BERCOT wrote:

> I use this program to force a user to authenticate :
> if (!isset($_SERVER["PHP_AUTH_USER"])) {
> header("WWW-Authenticate: Basic realm=\"Intranet SDSED\"");
> header("HTTP/1.1 401 Unauthorized");
> }
> Everything is ok except a detail : if the user makes a mistake (for
> example, a bad password), the variable $_SERVER["PHP_AUTH_USER"] is
> initialised.
> So, if he wants to do again the above test, another identification
> won't
> happen (because $_SERVER["PHP_AUTH_USER"] is already set).
> I've tried :
> $_SERVER["PHP_AUTH_USER"] = NULL;
> without succes...

You could either insert a second check (after the PHP AUTH USER
isset) along the lines of is_empty(), or just replace the isset with
is_empty() entirely.

Cheers,

Rich
--
http://www.corephp.co.uk
Zend Certified Engineer
PHP Development Services

• Next in forum: problem encountered with stristr-based function
• Prev in forum: Re: [PHP] New identification after an error...
• Thread view: Re: [PHP] New identification after an error...

[Reply to this message]