On Thu, 02 May 2013 14:46:36 -0400, Ben Johnson <ben@xxxxxxxxxxxxxxxx> wrote: > >P.S. I advise you not to try to write-out your htpasswd files using pure >PHP. It seems much more sound to use the Apache-provided utility >executables to manipulate htpasswd and related files. > >In other words, use PHP's proc_open() or similar to call the appropriate >utility to manipulate the Apache files. I think you would have a hell of >a time trying to recreate in PHP all the functionality that *already >exists* in those utilities. > UPDATE: After some time being spent on PHP coding for Android app registration with MySql integration I am back at the password checking. Turns out that now that I know PHP better I have been able to verify that the PHP function crypt(<passwd>, <salt>) generates the expected hash on my Win7 based test system running Apache and PHP5. It is only the Apache supplied password utility that seems unable to create password files with the UNIX crypt hashes and also to use these hashes for user verification. :-( PHP in and of itself is capable of handling the hashing in a way compatible to UNIX/LINUX based systems. And this gives me the possibility to create a htpasswd file via PHP on any host system as long as PHP5 or above is used. User verification against that hash is also possible. -- Bo Berglund Developer in Sweden --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|