| Re: Query about WWW-Authenticate: Basic and bad UserID/Password recovery [message #178351 is a reply to message #178349] |
Sun, 10 June 2012 20:54   |
Richard Damon
Messages: 58
Registered: August 2011
Karma:
|
Member |
|
|
On 6/10/12 4:14 PM, Robert Rosenberg wrote:
> Per the samples I have seen in manuals and on the php,net site I store the
> header statements in a if(!isset($_SERVER['PHP_AUTH_USER'])) delineated
> section.
>
> I test the supplied UserID and Password to see if they are a valid pair. My
> problem is that when they are not (right now I have a hard coded pair to use
> in my testing) I issue an error message and have the user try again (by
> having the page relaunched via a link). The problem is that the IF sees that
> the UserID is already set (to the bad value) and thus will not reissue the
> login menu. How do I invalidate the stored value so that the IF will return
> TRUE and thus cause the menu to be issued? I tried adding a
> $_SERVER['PHP_AUTH_USER'])=""; or a unset($_SERVER['PHP_AUTH_USER']); in my
> error routine (with the link) I still do not get the the menu.
>
> Please Help.
>
> Thank you.
>
The issue is you need to tell the browser that the log in information is
incorrect, which you can do by sending a header with a 401 Not
Authorized error code. This should trigger the browser to pop up the
login box. You are probably doing this for no UserId, you also need to
do it for a wrong user ID.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]