Autor
Queria preguntar si la funcion de php http_authenticate:
Citar
function http_authenticate ( $user , $pass , $pass_file = '.htpasswd' , $crypt_type = 'DES' ){
// the stuff below is just an example useage that restricts
// user names and passwords to only alpha-numeric characters.
if(! ctype_alnum ( $user )){
// invalid user name
return FALSE ;
}
if(! ctype_alnum ( $pass )){
// invalid password
return FALSE ;
}
// get the information from the htpasswd file
if( file_exists ( $pass_file ) && is_readable ( $pass_file )){
// the password file exists, open it
if( $fp = fopen ( $pass_file , 'r' )){
while( $line = fgets ( $fp )){
// for each line in the file remove line endings
$line = preg_replace ( '`[\r\n]$`' , '' , $line );
list( $fuser , $fpass )= explode ( ':' , $line );
if( $fuser == $user ){
// the submitted user name matches this line
// in the file
switch( $crypt_type ){
case 'DES' :
// the salt is the first 2
// characters for DES encryption
$salt = substr ( $fpass , 0 , 2 );
// use the salt to encode the
// submitted password
$test_pw = crypt ( $pass , $salt );
break;
case 'PLAIN' :
$test_pw = $pass ;
break;
case 'SHA' :
case 'MD5' :
default:
// unsupported crypt type
fclose ( $fp );
return FALSE ;
}
if( $test_pw == $fpass ){
// authentication success.
fclose ( $fp );
return TRUE ;
}else{
return FALSE ;
}
}
}
fclose ( $fp );
}else{
// could not open the password file
return FALSE ;
}
}else{
return FALSE ;
}
}
// the stuff below is just an example useage that restricts
// user names and passwords to only alpha-numeric characters.
if(! ctype_alnum ( $user )){
// invalid user name
return FALSE ;
}
if(! ctype_alnum ( $pass )){
// invalid password
return FALSE ;
}
// get the information from the htpasswd file
if( file_exists ( $pass_file ) && is_readable ( $pass_file )){
// the password file exists, open it
if( $fp = fopen ( $pass_file , 'r' )){
while( $line = fgets ( $fp )){
// for each line in the file remove line endings
$line = preg_replace ( '`[\r\n]$`' , '' , $line );
list( $fuser , $fpass )= explode ( ':' , $line );
if( $fuser == $user ){
// the submitted user name matches this line
// in the file
switch( $crypt_type ){
case 'DES' :
// the salt is the first 2
// characters for DES encryption
$salt = substr ( $fpass , 0 , 2 );
// use the salt to encode the
// submitted password
$test_pw = crypt ( $pass , $salt );
break;
case 'PLAIN' :
$test_pw = $pass ;
break;
case 'SHA' :
case 'MD5' :
default:
// unsupported crypt type
fclose ( $fp );
return FALSE ;
}
if( $test_pw == $fpass ){
// authentication success.
fclose ( $fp );
return TRUE ;
}else{
return FALSE ;
}
}
}
fclose ( $fp );
}else{
// could not open the password file
return FALSE ;
}
}else{
return FALSE ;
}
}
Yo si tengo esta funcion...
¿sirve para saltar el .htpasswd al realizar una descarga desde un fichero PHP alojado en el mismo server PHP......?
O solo para comprobar????
Necesito conocer la forma de saltar un htpasswd desde PHP para realizar una descarga desde el mismo
En línea
