LinuxSA Mailing list archives

Index: [thread] [date] [subject] [author] [stats]

  From: Anthony Symons <ant@sa.pracom.com.au>
  To  : nik [tm] <tmcruisin@sond.com.au>
  Date: 03 May 2002 15:13:52 +0930

Re: using php in htaccess flat-file

I cant exactly answer your question, but I'd recommend updating php.

http://security.e-matters.de/advisories/012002.html

Ant

On Fri, 2002-05-03 at 15:03, nik [tm] wrote:
> Hi all,
> 
> I am really just after opinions, I am currently setting up a web which will
> have user/pass access. I have looked into .htaccess and find that easy to
> use, but I am thinking of a good way to add/remove users into the flat-file.
> we will be adding these users and their passwords into a mydql db, which we
> will set whether they are valid or not and using php to get the valid users
> list.
> 
> what I am wondering is if its possible to use php directly in the password
> file used for htaccess
> so when mod_auth goes to access the flat-file to authenticate the login, it
> really just runs the php which will open the db, get the valid users (and
> shadow passwords) and return the results
> 
> anyone know if this would be possible? or have any similar suggestions
> 
> oh, its an apache server/1.3.20, mysql 3.23.32 and php 4.0.5
> 
> 
> TIA
> 
> regards
> nik [tm]
> 
> ЗДЏ`З.ИИ..><((((К>.ЗДЏ`З.ИИ.ЗДЏ`З.И
>  ><((((К>`З.ИИ.ЗДЏ`З.И><((((К>`З.И
> 
> ---------------------------------------------------------------------------
> The information contained within this email is confidential
> and is solely for the intended addressee(s).
> If you are not the intended recipient, any distribution, copying
> or unlawful accessing is prohibited and legal action may be taken.
> 
> -- 
> LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
> To unsubscribe from the LinuxSA list:
>   mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject
> 
-- 
Systems Administrator       
Pracom Ltd.             
+61 8 82029074 -=- +61 402 100 671 
anthony.symons@sa.pracom.com.au

PRIVILEGED - PRIVATE AND CONFIDENTIAL
This electronic mail is solely for the use of the addressee and may
contain information which is confidential or privileged.
If you receive this electronic mail in error, please delete it from
your system immediately and notify the sender by electronic mail or
using any of the above contact details.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject

Index: [thread] [date] [subject] [author] [stats]

Return to the LinuxSA Mailing List Information Page