[wdvltalk] Re: htaccess & mysql

Thu, 12 Dec 2002 09:15:50 -0800 

> Can you post the relevant bit of code? There are a couple of PERL gurus on
> this list
>From .htaccess
<snip>
AuthName "Foo"
AuthType Basic
AuthUserFile /myfoopath/.htpasswd

require valid-user
</snip>

>From upload.pl
<snip>
use vars qw(%FORM $domain $dbuser $dbpass $dbh $imagedir $db);
my $rawuser = $cgi->param('user');
my $pass = $cgi->param('pass');
my $pic = $cgi->param('pic');

</snip>
<snip>
if ($rawuser eq "" || $pass eq "") { error("You didn't enter
username/password!"); }
</snip>
<snip>
sub validate {

$dbh = DBI->connect("DBI:mysql:$db:$domain",$dbuser,$dbpass) or
error("Connect error $DBI::errstr");

my $password = crypt($pass, 'az');

$SQL = "SELECT user_id FROM Users WHERE username = '$username' AND password
= '$password'";
 $query = $dbh->prepare($SQL) or error("prepare");
 $query->execute or error("execute");
 $id = $query->fetchrow_array();
 $query->finish;

 if ($id eq "") { error("Username/Password not found!"); }
</snip>

There is one thing that might explain it is that I not include the .htgroup
element when these users were registered, however it shouldn't have stopped
mid-session, I think, even with this omission, in fact I don't think that
this element was ever included, but it was working for a long time before
October, but I ca't remember and the backups shed no light as I did not
backup this 1 (possibly 2 file ) dir. The .htpasswrd file has the correct
time stamp too.
----- Original Message -----
From: "Jon Haworth" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, December 13, 2002 3:49 AM
Subject: [wdvltalk] Re: htaccess & mysql


> Hi Kate,
>
> > The database password reconciles with the .htpassword
> > too, so does that eliminate my code too?
>
> Database password? I thought you were doing .htaccess/.htpasswd
> authentication?
>
> I've probably misunderstood something...
>
> Are you just storing the passwords in a database for reference, or are you
> authenticating against the database?
>
> > The only thing that that coincides with the breakdown
> > was the upload.pl, worked last night, fell over today.
>
> Can you post the relevant bit of code? There are a couple of PERL gurus on
> this list (not me, though)
>
> It might be helpful if you could post the .htaccess file as well in case
> there's a problem there.
>
>
> Cheers
> Jon
>
> ____ � The WDVL Discussion List from WDVL.COM � ____
> To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED]
>        Send Your Posts To: [EMAIL PROTECTED]
> To change subscription settings to the wdvltalk digest version:
>     http://wdvl.internet.com/WDVL/Forum/#sub
>
> ________________  http://www.wdvl.com  _______________________
>
> You are currently subscribed to wdvltalk as: [EMAIL PROTECTED]
> To unsubscribe send a blank email to %%email.unsub%%


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.427 / Virus Database: 240 - Release Date: 7/12/02


____ � The WDVL Discussion List from WDVL.COM � ____
To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] 
       Send Your Posts To: [EMAIL PROTECTED]
To change subscription settings to the wdvltalk digest version:
    http://wdvl.internet.com/WDVL/Forum/#sub

________________  http://www.wdvl.com  _______________________

You are currently subscribed to wdvltalk as: [email protected]
To unsubscribe send a blank email to [EMAIL PROTECTED]

Reply via email to