I have installed the open source PHP Deadlock authentication system.
It uses .htpasswd and .htaccess files. This works well apart from it
doesn't allow user logout without closing their browser. The logout
script is shown below.
Any suggestions to make it work? Or any other php authentication
system that allows user registration, email confirmation, forgotten
password reminders, and logout.
<?
/
*************** *************** *************** *************** *************** ***
* This file is part of the Deadlock PHP User Management
System. *
*
*
* File Description: Logs a user out of the protected
area. *
*
*
* Deadlock is free software; you can redistribute it and/or
modify *
* it under the terms of the GNU General Public License as published
by *
* the Free Software Foundation; either version 2 of the License,
or *
* (at your option) any later
version. *
*
*
* Deadlock is distributed in the hope that it will be
useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty
of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
the *
* GNU General Public License for more
details. *
*
*
* You should have received a copy of the GNU General Public
License *
* along with Deadlock; if not, write to the Free
Software *
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
02110-1301 USA *
*************** *************** *************** *************** *************** ***/
/*
Enter the path to deadlock that is relative to the document root
For example, if deadlock is at http://yoursite.com/deadlock/, here
you would
just enter the /deadlock/. Be sure to enter a trailing forward
slash!
*/
$deadlock_path = '/deadlock/';
/*
Below, you should specify the page to redirect to when the user has
been logged out.
*/
$redirect = 'http://yoursite.com/logged_out.html ';
/* You do NOT need to modify below this line
-------------------------------------------------------------------------------------------
*/
require($_SERVE R['DOCUMENT_ROOT'].$deadlock_path .'db_config.php ');
mysql_connect($ mysql['host'],$mysql['username'],$mysql['password']) or
die('Could not connect to mysql.');
mysql_select_db ($mysql['database']) or die('Could not select mysql
database.');
if($result = mysql_query('SE LECT * FROM '.$mysql['prefix'].'config'))
{
while (($row = mysql_fetch_arr ay($result)) != false) {
$config[$row['option_name']] = $row['value'];
}
} else {
die('MySQL query failed. MySQL said: '.mysql_error() );
}
if($config['digest_auth'] == 'true'){
die('The logout script does not support digest authentication. ');
}
header("WWW-Authenticate: Basic realm=
\"{$config['protected_area _name']}\"");
header("Status: 401 Unauthorized");
header("HTTP-Status: 401 Unauthorized");
header("Locatio n: ".$redirect );
exit;
?>
It uses .htpasswd and .htaccess files. This works well apart from it
doesn't allow user logout without closing their browser. The logout
script is shown below.
Any suggestions to make it work? Or any other php authentication
system that allows user registration, email confirmation, forgotten
password reminders, and logout.
<?
/
*************** *************** *************** *************** *************** ***
* This file is part of the Deadlock PHP User Management
System. *
*
*
* File Description: Logs a user out of the protected
area. *
*
*
* Deadlock is free software; you can redistribute it and/or
modify *
* it under the terms of the GNU General Public License as published
by *
* the Free Software Foundation; either version 2 of the License,
or *
* (at your option) any later
version. *
*
*
* Deadlock is distributed in the hope that it will be
useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty
of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
the *
* GNU General Public License for more
details. *
*
*
* You should have received a copy of the GNU General Public
License *
* along with Deadlock; if not, write to the Free
Software *
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
02110-1301 USA *
*************** *************** *************** *************** *************** ***/
/*
Enter the path to deadlock that is relative to the document root
For example, if deadlock is at http://yoursite.com/deadlock/, here
you would
just enter the /deadlock/. Be sure to enter a trailing forward
slash!
*/
$deadlock_path = '/deadlock/';
/*
Below, you should specify the page to redirect to when the user has
been logged out.
*/
$redirect = 'http://yoursite.com/logged_out.html ';
/* You do NOT need to modify below this line
-------------------------------------------------------------------------------------------
*/
require($_SERVE R['DOCUMENT_ROOT'].$deadlock_path .'db_config.php ');
mysql_connect($ mysql['host'],$mysql['username'],$mysql['password']) or
die('Could not connect to mysql.');
mysql_select_db ($mysql['database']) or die('Could not select mysql
database.');
if($result = mysql_query('SE LECT * FROM '.$mysql['prefix'].'config'))
{
while (($row = mysql_fetch_arr ay($result)) != false) {
$config[$row['option_name']] = $row['value'];
}
} else {
die('MySQL query failed. MySQL said: '.mysql_error() );
}
if($config['digest_auth'] == 'true'){
die('The logout script does not support digest authentication. ');
}
header("WWW-Authenticate: Basic realm=
\"{$config['protected_area _name']}\"");
header("Status: 401 Unauthorized");
header("HTTP-Status: 401 Unauthorized");
header("Locatio n: ".$redirect );
exit;
?>
Comment