Hello, all -
I've been trying to figure out a reliable way of creating user:pass
combinations to be used from within an Apache-based .htpasswd file.
From what I understand, PHP's crypt() function is almost identical to
the Linux system crypt() function, which 'htpasswd' uses. However, when
://www.lightsparkdigital.com/
-Original Message-
From: Daniel Baughman [mailto:[EMAIL PROTECTED]
Sent: Friday, May 28, 2004 12:56 AM
To: [EMAIL PROTECTED]
Subject: [PHP] .htpasswd login
I have some sites that I would like to view the user name
that someone provided to the basic authentication
I have some sites that I would like to view the user name that someone provided to the
basic authentication mechanism in apache.
Does php/apache provide a means for this?
]
Sent: Saturday, February 15, 2003 6:06 PM
To: [EMAIL PROTECTED]
Subject: [PHP] .htpasswd and PayPal generated passwords
I use PayPal to generate a username and password and then write them
to the .htpasswd file. If I were to switch to using a database (because
.htaccess seems to always
I use PayPal to generate a username and password and then write them to
the .htpasswd file. If I were to switch to using a database (because
.htaccess seems to always prompt twice!) how would I perform the comparison
for the passwords? It would seem that everytime you generate an encrypted
I am currently trying to create a .htpasswd file for apache using PHP and
the crypt() on Win2k. I can generate the file alright but it does not work.
I have looked into some classes as well and all use the crypt() function.
The reason for this not working is probably the algorithm used because the
[EMAIL PROTECTED]
To: Kris [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, January 23, 2003 12:37 AM
Subject: Re: [PHP] htpasswd
Don't chmod .htpasswd- _huge_ security risk... Will your server allow you
to
have suid scripts??? If so, you can just write a little wrapper and make
it
suid
Hi
I've built a secure site. After the user has chosen a valid username and password I
want my script to run htpasswd on the .htpasswd file in the directory.
The script can run htpasswd as it doesn't have permission.
What is the safest way to do this?
Should I chmod htpasswd or is there a
Don't chmod .htpasswd- _huge_ security risk... Will your server allow you to
have suid scripts??? If so, you can just write a little wrapper and make it
suid. If you do that, I'd also reccomend using an extension other than PHP,
and/or placing it outside your web root. Wouldn't want people
Does anyone know what encryption is used on passwords in a .htpasswd file?
Zim
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
%htpasswd --help
Usage:
htpasswd [-cmdps] passwordfile username
htpasswd -b[cmdps] passwordfile username password
htpasswd -n[mdps] username
htpasswd -nb[mdps] username password
-c Create a new file.
-n Don't update file; display results on stdout.
-m Force
I'm sure question has been asked. How can I edit a htpasswd (apache)
file using a php script? Does anyone have a piece of code? I would like
to see the crypted passwords, but will live without.
Thanks,
J
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL
not sure i follow...you open it with php do whatever you need and close
it...its just a text file...
-Original Message-
From: jtjohnston [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 18, 2001 1:00 PM
To: [EMAIL PROTECTED]
Subject: [PHP] php htpasswd
I'm sure question has been
Jack,
not sure i follow...you open it with php do whatever you need and close
it...its just a text file...
It's not just a text file delimited by a colon. You can indeed just type:
user:password
but it should be:
user:crypt(password)
When I perled, I knew how to database a text file
?
include_once('cookie.egn');
include_once('database.egn');
function bad_passwd()
{
echo You have entered an invalid password.br\n;
exit();
}
if ( isset($PHP_AUTH_USER) AND isset($PHP_AUTH_PW) AND $peop_r =
fetch_db_value('people_manager', WHERE username = '$PHP_AUTH_USER' AND
Is it possible for users to change passwords from htaccess files in php? I do not
want to use the database or sessions for account management as I already have 40 or so
htaccess accounts set up for different areas.
Thanks.
Can php write to a htpasswd file? If it can will someone point me in the
right direction.
TIA
Gary
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL
: Thursday, October 25, 2001 3:59 PM
Subject: [PHP] htpasswd
Can php write to a htpasswd file? If it can will someone point me in the
right direction.
TIA
Gary
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail
Brandon Orther wrote:
Hello,
I am trying to make a script that creates .htpasswd files. Does anyone
know what encryption is used?
Thanks
Brandon
It can be crypt() or MD5 or SHA, you could call htpasswd.
See man htpasswd under *nix.
--
PHP General Mailing List (http://www.php.net/)
Hello,
I am trying to make a script that creates .htpasswd files. Does anyone know
what encryption is used?
Thanks
Brandon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list
At 04:39 PM 4/9/2001, Brandon Orther wrote:
i believe that the scheme is md5
~kurth
Hello,
I am trying to make a script that creates .htpasswd files. Does anyone know
what encryption is used?
Thanks
Brandon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL
It can really depend on your system.
On mine, for instance, it uses regular crypt() with a 2 character salt
So, you can generate a random 2 character string to pass as the salt
argument in php, and create it that way.
IF that is the method used by your system
Wanna test it?
Peek inside
Hi,
you might want to take a look at this one:
http://www.thewebmasters.net/php/Htpasswd.phtml
Works in both php3 and php4.
Give you functions for adding/deleting/listing/renaming users + much more,
in standard .htpaccess password files.
I use it myself on several sites, it works great.
-
Is there a way that when a user signs up for a
user/pass on a site, to automatically update the
.htpasswd on the site? Right now I'm running a Win2k
Pro, with Apache installed and MySQL/PHP.
Thanks,
James
__
Get personalized email addresses
Yes, you can, just write a script to call "htpasswd -b yourUserFile userID
passwd".
:)
David
From: James Smith [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: [PHP] .htpasswd?
Date: Wed, 31 Jan 2001 13:21:35 -0800 (PST)
Is there a way that when a user signs up
25 matches
Mail list logo
