Description: ------------ with Strict errors on, on first access to an Auth-enabled site I get Notice: Undefined index: username in C:\wamp\php\PEAR\Auth.php on line 1021

Line 1021 is inside the logout function. It seems that you call logout() before someone is logged in. The error is easily fixable but perhabs you should remove that logout() call. Imho the best fix would be to only call the logout callback if there was someone logged in before.

ok I added an additional check to my code so the logout is not called if $_SESSION['username'] is not set, but I do think that Auth::logout() should not be throwing errors, whatever the scenario of it's call may be

this is true, I already added a patch with the bugfix, there should be gone with that.. The fix simply calls the logout callback only if actually someone gets logged out. But I can't add the patch to cvs/new version, this must be done from some who has the right karma(=permissions). But I am sure, it will.. PS: It's better to check $auth->checkAuth(), not directly $_SESSION

This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. I used a similar fix to Sascha's but calling checkAuth() at that point can cause an infinite loop if checkAuth() feels the session should be ended (timeout, security violation, etc).