[pmwiki-users] AuthUser - logout asks for user name and password?!

H. Fox haganfox at users.sourceforge.net
Thu Sep 8 22:28:49 CDT 2005


On 9/8/05, Rob Fisher <Rob at robfisher.freeserve.co.uk> wrote:
> I am using AuthUser to implement a user name and password on my site (at
> present only one - but in the future this will be expanded)
> 
> My popup sidebar correctly allows me to login - and updates to reflect the
> fact that I can now edit pages etc.
> 
> BUT when I go to logout I get a windows message box, with the title
> "Connect to www.robfisher.info" prompting for a user name and password.
> 
> What is this?  It seems as though the server is blocking the script's
> attempt to destroy the cookie?
> 
> Help appreciated!
> 
> Site = www.robfisher.info/Wolf
> 
> Use popup menu to login as test / test
> 
> And try to logout!

There's some code I recognize in simple.php.  ;-)

Try turning

    $Realm = "Some Realm";

    if (@$_GET['action'] == 'logout') {
        Header("WWW-Authenticate: Basic realm=\"$Realm\"");
        Header('HTTP/1.0 401 Unauthorized');
        exit;
    }

into

    $Realm = "Some Realm";

    if (@$_GET['action'] == 'logout' && isset($_SERVER['REMOTE_USER'])) {
        Header("WWW-Authenticate: Basic realm=\"$Realm\"");
        Header('HTTP/1.0 401 Unauthorized');
        exit;
    }

Hagan




More information about the pmwiki-users mailing list