Verify that .htpasswd is in place or warn?
Posted 27 July 2006 - 06:03 AM
I do not want to authenticate w/php - just want to remind the user that they haven't locked up their admin.
any code snips? Links? examples? sympathies?
Posted 27 July 2006 - 06:32 AM
I should be able to check via the actual information sent via the login. For the life of me I can not find my Perl script I did this in but want to say it was a check to see if $ENV('REMOTE_USER') or AUTH_USER (or something along those lines) was empty, give the warning - if it had info, they log'd in.
Such a lack of sleep the past week however, that may be a code snippet floating in my head from something completely different.
Posted 27 July 2006 - 06:39 AM
Posted 27 July 2006 - 07:50 AM
Yes: it would likely show me that the .htpasswd file is in root, and that there is an .htaccess in the proper directory.
No: It would not show me if that directory was password protected (as both files could be blank, or the .htpasswd could have auth info for a diff directory, etc).
still researching it and if I find the answer before someone comes up w/it here I'll post my results for any searching in the future.
Posted 27 July 2006 - 08:19 AM
and then just
if(in_array('what ever needs to be there', $array)) echo 'Your all good!';
else echo 'Your not so good';
Posted 27 July 2006 - 09:44 AM
an .htaccess file is basically a set of server instructions. In this instance, it would provide the server w/the instruction that this directory is password protected, and you can look here (path to .htpasswd file) to find the user/pass information that is allowed (.htaccess can be used for so much more, this is just one use).
an .htaccess/.htpasswd can have various info in it - some things will always be different (username, encrypted password in the .htpasswd file - path to user root, log in comment, and other things depending if they will have only 1 user or multiples).
ie: lots of coding to strip, match, if/else, etc - when I know that perl can do it in 2 lines (if they didnt authenticate to get here, tell 'em they have a security issue).
If perl can do it, I know php can.
From what I have found so far, seems the methods would be different depending if you are running php in cgi mode (my host does). I will find this, I will I will I will!
Posted 27 July 2006 - 09:48 AM
Posted 27 July 2006 - 10:35 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users