Hello,
I just searched through this forum and the web but I did not find a satisfiing solution for my problem: ;(
I have a list of users stored in my htpasswd file saved in /users/pass:
user1:encrypted_password1
user2:encrypted_password2
...
Now I want to make a log-in form where users can directly login from.
If they enter an invalid username/password combination, a page with an individual error message should be loaded.
I tried to compare the entered and the encrypted password with this code:
$salt = substr( $password , 0 , CRYPT_SALT_LENGTH);
if (crypt($password,$salt) == encrypted_password_from_htpasswd) {
//show success page
}
else {
//show error page
}
But this does not work because the salt seems to be generated dynamically.
e.g. these are two versions of the encrypted password "hello" and username "hallo":
1.) hallo:sLsIVjcWIcOWg
2.) hallo:Krr/Lf9Mxnalw
Are there any other solutions on how to do this authentication (it is important that a custom login an error page is possible), e.g. with sending headers?
thanks,
