got this on a private mail account: (no time to look at it now, will check during the week).
regards, Olivier
-------- Forwarded Message -------- From: Ing. Jozef Sakalos jsakalos@aariadne.com Subject: Better logout Date: Sun, 18 Apr 2004 19:37:05 +0200 Mailer: KMail/1.6.51
Hi Olivier,
I just downloaded and installed CVS version of phpMyAdmin and I found that you've added the logout button to the left frame.
The drawback is that if you click it you cannot login with the same name and password. You've probably used example from PHP documentation.
I've been working on the logout feature too, and I found the better solution (see code snippet at the end of this e-mail).
I use logout button that POSTs cmd=logout to the PHP code. When logout command is processed I set cookie (well, this is browser settings dependent) to prevent infinite loop of log-in dialogs.
Once the user authenticates, I delete the cookie.
This way I can log-in with the same name/password.
Use this if you want and let me know your opinion.
Best Regards, Ing. Jozef Sakalos jsakalos@aariadne.com
<? if(!isset($_SERVER["PHP_AUTH_USER"]) || ("logout" == $cmd && ! $logging_out)) { if("logout" == $cmd) { setcookie("logging_out", "1"); } header('WWW-Authenticate: Basic realm="Theseus"'); header('HTTP/1.0 401 Unauthorized'); header("Status: 401 Unauthorized"); echo "You have to authenticate<br>"; exit; }
setcookie("logging_out", "", time() - 3600);
echo "Hello: $PHP_AUTH_USER<br>"; echo "Your password is: $PHP_AUTH_PW";
echo <<<eot <html><head></head><body> <br> <br> <form action="$PHP_SELF" method="post"> <input type="hidden" name="cmd" value="logout"> <input type="submit" value="Logout"> </form> cmd=$cmd eot; echo "</body></html>"; ?>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi
On Sunday 18 of April 2004 19:53, Olivier Mueller wrote:
if(!isset($_SERVER["PHP_AUTH_USER"]) || ("logout" == $cmd && ! $logging_out)) { if("logout" == $cmd) { setcookie("logging_out", "1"); } header('WWW-Authenticate: Basic realm="Theseus"'); header('HTTP/1.0 401 Unauthorized'); header("Status: 401 Unauthorized"); echo "You have to authenticate<br>"; exit; }
Do I understand that this is logout for HTTP mode that uses cookies?
- -- Regards Michal Čihař http://cihar.com
Olivier Mueller a écrit :
got this on a private mail account: (no time to look at it now, will check during the week).
regards, Olivier
-------- Forwarded Message -------- From: Ing. Jozef Sakalos jsakalos@aariadne.com Subject: Better logout Date: Sun, 18 Apr 2004 19:37:05 +0200 Mailer: KMail/1.6.51
Hi Olivier,
I just downloaded and installed CVS version of phpMyAdmin and I found that you've added the logout button to the left frame.
The drawback is that if you click it you cannot login with the same name and password. You've probably used example from PHP documentation.
He is talking about 'http' auth_type only. This is the old limitation documented in FAQ 3.1.
I've been working on the logout feature too, and I found the better solution (see code snippet at the end of this e-mail).
I use logout button that POSTs cmd=logout to the PHP code. When logout command is processed I set cookie (well, this is browser settings dependent) to prevent infinite loop of log-in dialogs.
If the browser needs to accept cookies for this, I am not sure it's a good general solution. Anyway, he should not just check $logging_out but use $_COOKIE and friends.
Marc
Once the user authenticates, I delete the cookie.
This way I can log-in with the same name/password.
Use this if you want and let me know your opinion.
Best Regards, Ing. Jozef Sakalos jsakalos@aariadne.com
<? if(!isset($_SERVER["PHP_AUTH_USER"]) || ("logout" == $cmd && ! $logging_out)) { if("logout" == $cmd) { setcookie("logging_out", "1"); } header('WWW-Authenticate: Basic realm="Theseus"'); header('HTTP/1.0 401 Unauthorized'); header("Status: 401 Unauthorized"); echo "You have to authenticate<br>"; exit; } setcookie("logging_out", "", time() - 3600); echo "Hello: $PHP_AUTH_USER<br>"; echo "Your password is: $PHP_AUTH_PW"; echo <<<eot <html><head></head><body> <br> <br> <form action="$PHP_SELF" method="post"> <input type="hidden" name="cmd" value="logout"> <input type="submit" value="Logout"> </form> cmd=$cmd eot; echo "</body></html>"; ?>
This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel