ansaurus

Question

how to edit .htpasswd using php?

Answer 1

+1 A:

Don't. Store your authdb in a database instead, via e.g. mod_auth_mysql.

Ignacio Vazquez-Abrams 2010-06-08 04:09:25

@ignacio Vazquez-Abrams do you have any tutorials on how to implement it

Mahmoud 2010-06-08 04:21:26

Answer 2

+1 A:

You could use php's exec to call htpasswd and change it:

exec('htpasswd -nb someusername somepassword', $output);

http://php.net/manual/en/function.exec.php

Prix 2010-06-08 04:10:34

Of course, you would need to be super-super-super sure you are escaping those shell arguments properly!!

Matchu 2010-06-08 04:11:08

@Prix i am not adding i am searching then editing, thanks anyways

Mahmoud 2010-06-08 04:28:57

@Mahmoud this command will edit if exist or add if it does not exist, you can read more about the htpasswd commands at http://httpd.apache.org/docs/2.0/programs/htpasswd.html

Prix 2010-06-08 04:30:51

Answer 3

+1 A:

Googled "php generate htpasswd", got this article: How to create a password for a .htpasswd file using PHP.

The key line seems to be:

$password = crypt($clearTextPassword, base64_encode($clearTextPassword));

So I imagine you'd read in the file contents with file_get_contents, parse it into an associative array, modify the relevant entries (encrypting the password as shown above), write the array back into a string, and use file_put_contents to write the file back out.

This is most definitely not standard practice, however. Sounds like the job for a database. If you feel weird about setting up a whole database server, and your host supports it, SQLite might be a good choice.

Matchu 2010-06-08 04:10:45

@Matchu i found a fully functional class but the problem with it is that if the user exist it doesn't over write it, it adds another line, there i well be having the same user but multiple passwords `http://www.weberdev.com/get_example-4178.html`

Mahmoud 2010-06-08 04:17:19

@Mahmoud - how interesting. I wish you luck in either modifying the code to fit your needs, or writing your own solution.

Matchu 2010-06-08 04:20:15

@Matchu i am only using there idea, not the code itself, i want to create a solutions but i am stuck after encoding the password, is it possible to search and overriding the text

Mahmoud 2010-06-08 04:26:05

Answer 4

+1 A:

Ofc this is just a sample, that will read your current file, find the given username and change either it is password of username.

Please keep in mind that this code is not safe and you would still need to parse the username and password so it does not break your file.

    $username = $_POST['user'];
    $password = $_POST['pass'];
    $new_username = $_POST['newuser'];
    $new_password = $_POST['newpass'];
    $action = $_POST['action'];
    //read the file into an array
    $lines = explode("\n", file_get_contents('.htpasswd'));

    //read the array and change the data if found
    $new_file = "";
    foreach($lines as $line)
    {
        $line = preg_replace('/\s+/','',$line); // remove spaces
        if ($line) {
            list($user, $pass) = split(":", $line, 2);
            if ($user == $username) {
                if ($action == "password") {
                    $new_file .= $user.':'.$new_password."\n";
                } else {
                    $new_file .= $new_username.':'.$pass."\n";
                }
            } else {
                $new_file .= $user.':'.$pass."\n";
            }
        }
    }

    //save the information
    $f=fopen(".htpasswd","w") or die("couldn't open the file");
    fwrite($f,$new_file);
    fclose($f);

Prix 2010-06-08 05:20:24

ansaurus

tags:

views:

answers:

how to edit .htpasswd using php?

related questions