Menu
Is there a programmatic way to build htpasswd files, without depending on OS specific functions (i.e. exec(), passthru())?
714
htpasswd encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA1, or the system's crypt() routine.
htpasswd, a flat-file used to store usernames and password for basic authentication on an Apache HTTP Server.
htpasswd is used to create and update the flat-files used to store usernames and password for basic authentication of HTTP users.
.httpasswd files are just text files with a specific format depending on the hash function specified. If you are using MD5 they look like this:
foo:$apr1$y1cXxW5l$3vapv2yyCXaYz8zGoXj241 That's the login, a colon, ,$apr1$, the salt and 1000 times md5 encoded as base64. If you select SHA1 they look like this:
foo:{SHA}BW6v589SIg3i3zaEW47RcMZ+I+M= That's the login, a colon, the string {SHA} and the SHA1 hash encoded with base64.
If your language has an implementation of either MD5 or SHA1 and base64 you can just create the file like this:
<?php $login = 'foo'; $pass = 'pass'; $hash = base64_encode(sha1($pass, true)); $contents = $login . ':{SHA}' . $hash; file_put_contents('.htpasswd', $contents); ?> Here's more information on the format:
http://httpd.apache.org/docs/2.2/misc/password_encryptions.html
76
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
