Re: Matching logins to an old htpasswd file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Ryan,

On 03-03, Ryan A wrote:
> test:dGRkPurkuWmW2 (test:test)
> test1:dGlAW3zdxeAG2 (test1:test1)

$php -r "print crypt('test',base64_encode('test'));";
-> dGRkPurkuWmW2
$php -r "print crypt('test1',base64_encode('test1'));";
-> dGlAW3zdxeAG2

So compare the password string with the output of crypt with
the password as its key and salt argument.
(References: http://www.htaccesstools.com/forum/index.php/t/25/ ,
crypt(3) man page)

Remark: Asking users to send their login password via an
unencrypted webpage only should be done within secure networks.
(Anyone can sniff HTTP, use HTTPS otherwise.)

HTH,

-- 
Holger Blasum +49-174-7313590 (cell) GnuPG 1024D/ACDFC3B769DC1ED66B47

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux