Forum Moderators: mack
I'm looking to create an online form to update the news section of my page for members of my company and want to create 1 or 2 usernames/passwords for them. I'd like to make an entire folder in my site password protected for several different file types.
or you could use a php sessions type setup
PHP User Authentication [webmasterworld.com]
I have one problem though I can't find how to encrypt the .htpasswd file. I've found a bunch of things online that will encrypt the password however the server doesn't know to change whatever you enter as a password.
e.g.
username:password
username:cwom3mdL49n
ok now how do I tell my server that when I send in password for validation I actually want cwom3mdL49n.
if my .htpasswd file is on the local machine not whats being served up is it important that I encrypt it seeing as I don't really mind if I or whoever's running the server can see it.
The password prompt will ask for the password in standard form. It must then be the same as the password you encrypted. If the two are the same then you can proceed.
Is this what you where meaning, or did I misread :)
Mack.
say this is my username and password
exuser:dog
now I want to encrypt the passsword in the .htpasswd file and when I do this I get
exuser:asdh57sho4g835rFDS
now the user goes to the site and is prompted for his username and password and he types in
exuser
dog
what I'm saying is I have no problem when I don't encrypt the password because dog=dog but when encrypted, dog!=asdh57sho4g835rFDS so my server either needs some type of key to decrypt the password or some type of key to encrypt dog to match asdh57sho4g835rFDS. Now my question is where would I go to tell my server that I have an encrypted password in the .htpasswd file rather than a normal password.
I guess that brings up another good question is does apache have it's own encryption/decryption key that it can refer to. I know it has a exe to make htpasswd files.
Mack.
