Is it possible to set and unset the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] manually without the use of the prompt?
Let's say I have a protected folder with a username and password attached to it (obviously).. and during the execution of a php page I wanted to set the AUTH_USER and AUTH_PW to access the folder, include a file, and then unset the AUTH_USER and AUTH_PW.
Is this possible or does it all have to be done before any header info is sent?
PHP_AUTH_USER and PHP_AUTH_PW
Moderator: General Moderators
You cannot unset authentication variables because they are stored with the client.
You can however send HTTP headers which tell the browser that it should delete the credentials.
Code: Select all
<a href="/index.php" onclick="
document.execCommand('ClearAuthenticationCache');
alert('You are now logged out!');
">Log Me Out</a>