--- docman.php	2001/12/15 20:33:37	1.50
+++ docman.php	2002/01/11 10:06:28	1.53
@@ -184,10 +184,10 @@
 	}
 	if (isset($PHP_AUTH_USER) && $PHP_AUTH_USER != "" && ($PHP_AUTH_PW == "" || !isset($PHP_AUTH_PW))) {
 		$url_title="login";
+		$url .= "&force_login=1";
 	} else {
 		$url_title="relogin";
 	}
-	$url.="&AU=${PHP_AUTH_USER}|AP=${PHP_AUTH_PW}|";
 ?>
 <small> [<a href="<?= $url ?>"><?= $url_title ?></a>]</small>
 </B>
@@ -196,7 +196,7 @@
 <br>
 &copy; 1999 by <A HREF="http://www.anyportal.com">ANYPORTAL</A>,
 &copy; 2000 by <A HREF="http://da.nger.org">d@nger.org</A>,
-&copy; 2000 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
+&copy; 2000-2002 by <A HREF="http://www.rot13.org/~dpavlin/">DbP</A>
 </small>
 </P>
 <BR>
@@ -1243,7 +1243,7 @@
 
 	// forks before authentication: style sheet and hash
 	// creation if password not yet set.
-	if ($STYLE == "get") { CSS() ; exit ; }
+	if (isset($STYLE) && $STYLE == "get") { CSS() ; exit ; }
 
 	$fsScriptDir  = dirname($SCRIPT_FILENAME) ; 	
 	// i.e. /home/httpd/html/docman
@@ -1268,7 +1268,7 @@
 			)
 		) && (
 			$PHP_AUTH_PW == "" || !isset($PHP_AUTH_PW)
-		)
+		) && !isset($force_login)
 	   ) {
 		StartHTML("Logout completed","Your login credentials has been erased") ;
 		EndHTML() ;
@@ -1278,7 +1278,8 @@
 	// authentication failure
 	if ( md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $gblPw ||
 		isset($relogin) && $gblPw == $relogin) {
-		header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ;
+		$realm="$HTTP_HOST";
+		header("WWW-authenticate: basic realm=\"$realm\"") ;
 		header("HTTP/1.0 401 Unauthorized") ;
 		NoEntry() ;
 		exit ;