Apache PHP custom 401 error

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tafuser71
Forum Newbie
Posts: 1
Joined: Fri Apr 04, 2003 1:02 pm

Apache PHP custom 401 error

Post by tafuser71 »

I am working on a web site that uses an apache password file for security. I also store user information in a mySQL database. If a user forgets a password or username, I would like to accept their email address, get their username and password from mySQL, and email the username and password back to the user.

I tried to use the "ErrorDocument 401 /error401.html" in the Apache configuration file to open an html form that allows the user to post their email. The problem occurs when the error401.html file tries to call my PHP script. It requires the user to login to execute the script which is impossible because they don't know their username or password.

Am I going about this wrong? Is there a better model to accomplish this?
User avatar
Kriek
Forum Contributor
Posts: 238
Joined: Wed May 29, 2002 3:46 am
Location: Florida
Contact:

Re: Apache PHP custom 401 error

Post by Kriek »

I may have misunderstood your original question; however I think I've written a simple script to do just this, although it works slightly different. User's enter their email address into a form field, after submission it checks the email address against the database and then resets the user's password with a random value using uniqid() which is then encrypted using md5(). The reset password is then sent to the user's email address stored in the database. This was written because I didn’t want to use the Mcrypt Library for my user’s passwords (two-way encryption) and PHP’s md5() and crypt() are both one-way encryption. So I needed a method that would reset their password automatically.
Post Reply