Re: Anyone can post vsdadmauth.phtml in plain text?

Zen Woo Sat, 28 Apr 2001 23:46:04 -0700
As per your request:

--Begin vsdadmauth.phtml--
<?php
// FreeVSD Web Admin Interface
// PHP/MySQL Only Authentication Module
// (c)2001 Ross McKillop, (aq)vs ([EMAIL PROTECTED])
//
// This may be freely distributed.
//
// INSTALLATION INSTRUCTIONS
//  * Copy this file to the ./lib directory under the web admin tree
//  * add the following line to ./lib/global.phtml
//    include ('./lib/vsdadmauth.phtml'); // php/sql vsd authentication
//    directly below the line,
//    initdb ($h,$u,$p,$d); // initiate a db connection
//  * edit the configuration values below
//
// A NOTE ON ENCRYPTION
//  The encryption routine uses the built in MySQL encryption
//  this makes the VSD admin a little more secure than using
//  plain text for passwords which could be easily read if someone
//  gained access to the database.
//
//  It is therefore recommended that you enable this option
//  however DO NOT ENABLE ENCRYPTION if this is being used to
//  access an existing user authentication database as the passwords
//  will be clear text.
//
// EDIT THESE CONFIGURATION VARIABLES
//
$auth_realm = "aqvs administration";    //realm name
$auth_crypt = 0;        //      enable encryption of passwords
//
// END NOTES AND USER CONFIGURABLE SECTION
?>
<?
function dovsdauth()
{
   global $auth_realm;
   Header( "WWW-authenticate:  basic  realm=$auth_realm");
   Header( "HTTP/1.1  401  Unauthorized");
   echo "<h1>401 Unauthorized</h1><HR>";
   exit;
}
if(!isset($PHP_AUTH_USER))
{
   authenticate();
}
else
{
   global $auth_crypt;
   if ($auth_crypt != 1) {
           $result = mysql_query("select passwd,id FROM siteusers where id =
'$PHP_AUTH_USER'");
           $row = mysql_fetch_array($result);
           if ($PHP_AUTH_PW!=$row["passwd"] || $PHP_AUTH_USER!=$row["id"])
dovsdauth();
   }
   if ($auth_crypt == 1) {
           $result = mysql_query("select id,passwd FROM siteusers where id =
'$PHP_AUTH_USER' AND passwd = PASSWORD('$PHP_AUTH_PW')");
           $row = mysql_fetch_array($result);
           if ($row["id"]!=$PHP_AUTH_USER) dovsdauth();
   }
}
//xt
?>
--end vsdadmauth.phtml--

Zen Woo

----- Original Message -----
From: "Free VSD" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, April 29, 2001 10:49 AM
Subject: Anyone can post vsdadmauth.phtml in plain text?


Dear Experts,

Can anyone post a working version of vsdadmauth.phtml in plain text in this
mailing list? (PLEASE do not send as attachment, thank you)
--

_______________________________________________
Get your free email from www.kittymail.com

Powered by Outblaze
Re: Anyone can post vsdadmauth.phtml in plain text?

Reply via email to
