How to encrypt a password to compare with .htpasswd?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jasonok
Forum Newbie
Posts: 2
Joined: Wed Mar 05, 2008 10:29 pm

How to encrypt a password to compare with .htpasswd?

Post by jasonok »

I have used .htpasswd to protect a directory. I have added some user with cPanel for initialization and find the password "superman" of user "spotty" have been encrypted to "SwiwEaoYmIe/c" at first time added and been encrypted to "2uhyjTm/HBJFs" at second time added. And I have used the crypt() of PHP to encrypt the password and get the result as "$1$PtzoD4Vk$NOZlGnuHtWwAQzVEsMlNF/", used the MD5() of PHP and get the result as "d41d8cd98f00b204e9800998ecf8427e". None of them is fit with the string stored in .htpasswd file. I don't know how to encrypt the password that visitor inputed to compare with the string stored in .htpasswd. Could anyone give any suggest?

Thanks.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Re: How to encrypt a password to compare with .htpasswd?

Post by Ambush Commander »

Use the htpasswd command line utility.

If security is not an issue, http://home.flash.net/cgi-bin/pw.pl should do the trick
jasonok
Forum Newbie
Posts: 2
Joined: Wed Mar 05, 2008 10:29 pm

Re: How to encrypt a password to compare with .htpasswd?

Post by jasonok »

Ambush Commander wrote:Use the htpasswd command line utility.

If security is not an issue, http://home.flash.net/cgi-bin/pw.pl should do the trick
Thanks for advise.
I could not use the command line for the website hosted in a virtual server. And the encrypted string from the page you given is "spotty:WYtLt67uJmvtY". It still is not equal with the string stored in .htpasswd.

I found the encrypted string of the password "superman" in changed every time I added. So, how can I encrypt a string to compare with it? It's really a problem. Any suggestion, thanks.
geethalakshmi
Forum Commoner
Posts: 31
Joined: Thu Apr 24, 2008 10:38 pm

Re: How to encrypt a password to compare with .htpasswd?

Post by geethalakshmi »

Here is the code to display encrypted password
http://hiox.org/index.php?id=278
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: How to encrypt a password to compare with .htpasswd?

Post by onion2k »

geethalakshmi wrote:Here is the code to display encrypted password
http://hiox.org/index.php?id=278
Firstly, that code doesn't display encrypted passwords at all, it only displays an MD5 hash. Hashing is not encryption.
Second, it assumes that the password is stored as plain text in the database (or it MD5s the database hash giving the wrong result).
Thirdly, there are numerous problems with the script like you're not checking the query actually returned any results, and you're accessing an array value without quoting the key (eg $row[password] should be $row['password']).

And lastly, and most importantly, you're just linking to some post on another site without good reason which in my opinion is bordering on spamming. Do it again and I'll remove your post.
Post Reply