Hello, all -
I've been trying to figure out a reliable way of creating user:pass
combinations to be used from within an Apache-based .htpasswd file.
>From what I understand, PHP's crypt() function is almost identical to
the Linux system crypt() function, which 'htpasswd' uses. However, when
usin
signs
http://www.lightsparkdigital.com/
>> -Original Message-
>> From: Daniel Baughman [mailto:[EMAIL PROTECTED]
>> Sent: Friday, May 28, 2004 12:56 AM
>> To: [EMAIL PROTECTED]
>> Subject: [PHP] .htpasswd login
>>
>>
>> I have some sites that I would l
I have some sites that I would like to view the user name that someone provided to the
basic authentication mechanism in apache.
Does php/apache provide a means for this?
]
Sent: Saturday, February 15, 2003 6:06 PM
To: [EMAIL PROTECTED]
Subject: [PHP] .htpasswd and PayPal generated passwords
I use PayPal to generate a username and password and then write them
to the .htpasswd file. If I were to switch to using a database (because
.htaccess seems to always
I use PayPal to generate a username and password and then write them to
the .htpasswd file. If I were to switch to using a database (because
.htaccess seems to always prompt twice!) how would I perform the comparison
for the passwords? It would seem that everytime you generate an encrypted
pass
I am currently trying to create a .htpasswd file for apache using PHP and
the crypt() on Win2k. I can generate the file alright but it does not work.
I have looked into some classes as well and all use the crypt() function.
The reason for this not working is probably the algorithm used because the
"Evan Nemerson" <[EMAIL PROTECTED]>
To: "Kris" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, January 23, 2003 12:37 AM
Subject: Re: [PHP] htpasswd
> Don't chmod .htpasswd- _huge_ security risk... Will your server allow you
to
> have suid s
Don't chmod .htpasswd- _huge_ security risk... Will your server allow you to
have suid scripts??? If so, you can just write a little wrapper and make it
suid. If you do that, I'd also reccomend using an extension other than PHP,
and/or placing it outside your web root. Wouldn't want people addin
Hi
I've built a secure site. After the user has chosen a valid username and password I
want my script to run htpasswd on the .htpasswd file in the directory.
The script can run htpasswd as it doesn't have permission.
What is the safest way to do this?
Should I chmod htpasswd or is there a bette
%htpasswd --help
Usage:
htpasswd [-cmdps] passwordfile username
htpasswd -b[cmdps] passwordfile username password
htpasswd -n[mdps] username
htpasswd -nb[mdps] username password
-c Create a new file.
-n Don't update file; display results on stdout.
-m Force M
Does anyone know what encryption is used on passwords in a .htpasswd file?
Zim
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
\n";
exit();
}
if ( isset($PHP_AUTH_USER) AND isset($PHP_AUTH_PW) AND $peop_r =
fetch_db_value('people_manager', "WHERE username = '$PHP_AUTH_USER' AND
password = '$PHP_AUTH_PW' ") )
$SessionID = $peop_r['peopleID'];
else
{
Header("WWW-Authenticate: Basic realm='$SERVER_NAME' ");
Head
Jack,
> not sure i follow...you open it with php do whatever you need and close
> it...its just a text file...
It's not just a text file delimited by a colon. You can indeed just type:
user:password
but it should be:
user:crypt(password)
When I perled, I knew how to database a text file deli
not sure i follow...you open it with php do whatever you need and close
it...its just a text file...
-Original Message-
From: jtjohnston [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 18, 2001 1:00 PM
To: [EMAIL PROTECTED]
Subject: [PHP] php htpasswd
I'm sure question has
I'm sure question has been asked. How can I edit a htpasswd (apache)
file using a php script? Does anyone have a piece of code? I would like
to see the crypted passwords, but will live without.
Thanks,
J
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED
Is it possible for users to change passwords from htaccess files in php? I do not
want to use the database or sessions for account management as I already have 40 or so
htaccess accounts set up for different areas.
Thanks.
lt;[EMAIL PROTECTED]>
Sent: Thursday, October 25, 2001 3:59 PM
Subject: [PHP] htpasswd
> Can php write to a htpasswd file? If it can will someone point me in the
> right direction.
>
> TIA
> Gary
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To uns
Can php write to a htpasswd file? If it can will someone point me in the
right direction.
TIA
Gary
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL
Your can use the php crypt() function to encrypt the passwords in the
.htpasswd file
$newPwd = crypt( trim( $newPwd) ); // encrypt the new password
Brandon Orther wrote:
> Hello,
>
> I am trying to make a script that creates .htpasswd files. Does anyone
> know what encryption is used?
>
> Tha
Brandon Orther wrote:
> Hello,
>
> I am trying to make a script that creates .htpasswd files. Does anyone
> know what encryption is used?
>
> Thanks
> Brandon
>
It can be crypt() or MD5 or SHA, you could call htpasswd.
See man htpasswd under *nix.
--
PHP General Mailing List (http://www.php
It can really depend on your system.
On mine, for instance, it uses regular crypt() with a 2 character salt
So, you can generate a random 2 character string to pass as the salt
argument in php, and create it that way.
IF that is the method used by your system
Wanna test it?
Peek inside etc/pass
At 04:39 PM 4/9/2001, Brandon Orther wrote:
i believe that the scheme is md5
~kurth
>Hello,
>
>I am trying to make a script that creates .htpasswd files. Does anyone know
>what encryption is used?
>
>Thanks
>Brandon
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mai
Hello,
I am trying to make a script that creates .htpasswd files. Does anyone know
what encryption is used?
Thanks
Brandon
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list admini
Hi,
you might want to take a look at this one:
http://www.thewebmasters.net/php/Htpasswd.phtml
Works in both php3 and php4.
Give you functions for adding/deleting/listing/renaming users + much more,
in standard .htpaccess password files.
I use it myself on several sites, it works great.
- t.a
EMAIL PROTECTED]
Subject: [PHP] .htpasswd?
Is there a way that when a user signs up for a
user/pass on a site, to automatically update the
.htpasswd on the site? Right now I'm running a Win2k
Pro, with Apache installed and MySQL/PHP.
Than
Yes, you can, just write a script to call "htpasswd -b yourUserFile userID
passwd".
:)
David
>From: James Smith <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED], [EMAIL PROTECTED]
>Subject: [PHP] .htpasswd?
>Date: Wed, 31 Jan 2001 13:21:35 -0800 (PST)
>
>Is there a
Is there a way that when a user signs up for a
user/pass on a site, to automatically update the
.htpasswd on the site? Right now I'm running a Win2k
Pro, with Apache installed and MySQL/PHP.
Thanks,
James
__
Get personalized email addresses fro
27 matches
Mail list logo
