htpasswd

cap97

I have a set amount of users that I've handpicked to help me update my site. They're all added to the htaccess file that allows them into the development section. I've also provided them a form that allows them to update their profiles, etc. in the database. Since I don't want to make up passwords for them, I'd like to allow them to update my made-up password to whatever password they want. So I've created a new_password field in their profile form and set it up so if they don't fill that in, it ignores it, if they do, it updates the .htpasswd file. At least...I've done this in theory. I'm not sure how to get php to execute the update in .htpasswd. Presumably have it execute a line like:

htpasswd .htpasswd $PHP_AUTH_USER $Newpass

Not sure how to do that though...any ideas?

fire_cracker

I'm not sure if this answers your question, and I'm still learning mySQL, but the way that I would do it is first, I would have the script find that users htpasswd entry, delete it, and then write a new one like this:

if($new_password)
  {
  if($filehandle = fopen($file_dir/.htpasswd, "a")
    {
    $enc_pass = crypt($new_password);
    fputs($filehandle, "$username:$new_password");
    fclose($filehandle);
    print("Password Update Complete");
    }
  else
    {
    echo($error);
    }
  }

I hope that helps, if you want a good script for deleting entries in htpasswd check out http://www.scriptschool.com/php/, he has a good, free, script there that you can modify to your every need.

cap97

Thanks. This solution ended up working for me:


$password = "/usr/local/apache/bin/htpasswd -b /home/username/.htpasswd $PHP_AUTH_USER $Newpass";
exec($password);

Basically, it calls out htpasswd.exe in Apache, which auto-encrypts passwords, etc.