You can use PHP to handle the auth headers and all: http://www.php.net/manual/en/features.http-auth.php That might give you more flexibility than trying to dynamically set it on the .htpassword and such. There are a couple of ways to encrypt something. You can do it in a way that can be decrypted and checked against what the user entered. Or you can do a one-way encryption that uses the same method every time, so someone enteres "dog" and it encrypts into "sdlkfj".. If you do a one-way encryption, there's no feasible way to turn "sdlkfj" back into "dog" but if the user enters "dog" again, and you encrypt it the same way, it'll always come out as "sdlkfj" which will match the one-way encrypted string that you stored. If you want to be cheesy, you can also use something like an MD5 has on "dog" and get whatever it gets.... Then every time someone enters "dog" it always ends up with the same MD5 hash. The chance of two different strings having the same MD5 hash is very very unlikely. Anyway, some stuff to think about. Good luck! -TG > -----Original Message----- > From: Han [mailto:han@xxxxxxxxxxxxx] > Sent: Thursday, November 18, 2004 11:29 AM > To: Bastien Koert; peter@xxxxxxxxxxxxxx; php-db@xxxxxxxxxxxxx > Subject: password encryption > > > Hello, > > I'm having a real problem and wondering if anyone can help. > > I need to set up htaccess ans htpasswd files to authenticate > users on my > system. > I need to do it with PHP, but can't find a way of encrypting > the password so > it works. > > I've used an online encrypter for testing the system, and > I've got the > .htaccess and .htpasswd files correct, but I need to programmatically > encrypt the password in my script then write it to the 2 files. > > Han. > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
