PHP generate .htpasswds

[thezone1]

Does anyone know how to generate .htpasswds with php i did find a script but it doesnt seem to work

function htpasswd($pwd) {
$pass = crypt(trim($pass),base64_encode(CRYPT_STD_DES));
return $pass;
}

Please help guys my whole site rests on this

[cowctcat]

If you know how to encrypt it its just a simple matter of writing to the file.
Theres a good tutorial at http://w3schools.com/php/php_file.asp

[thezone1]

thanks but i had that covered it seems to be the actual encrypting that has a problem i have got it writing to file but when im testing it the password doesnt seem to match what i put in or apache doesnt understant it the full code is

<?


require('..\main2.php');

db_connect();

include(INC_DIR."header.php");

if ($_SERVER['REQUEST_METHOD'] == "POST") {

$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$pwd2 = $_POST['pwd2'];
$email = $_POST['email'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$city = $_POST['city'];


$folder = "/stor/";
$stor = $folder.$uid;

$u = strtolower($uid);
$pw = strtolower($pwd);
$pw2 = strtolower($pwd2);
$today = date("mdY");


if (!ctype_alnum($u) || strlen($u) < 4 || strlen($u) > 16) {
echo "<font color=red>Username must be between 4-16 characters (letters and numbers).</font><br>";
$err = "yes";

}

if (!ctype_alnum($pw) || strlen($pw) < 6 || strlen($pw) > 10) {
echo "<font color=red>Password must be between 6-10 characters (letters and numbers).</font><br>";
$err = "yes";
}

if ($pw != $pw2) {
echo "<font color=red>Password and password confirmation do not match.</font><br>";
$err = "yes";
}

if ($err == "") {

$sql="select * from users where email='$email' OR uid like '%$u%'";
$result=mysql_query($sql) or die("select fails");
$no=mysql_num_rows($result);

if ($no==0) {


$sql="insert into users(uid,pwd,fname,lname,city,userfolder,email,st atus,type,datesignup) values('$u','$pw','$fname','$lname','$city','$stor ','$email','active','sing',NOW())";




$result = mysql_query($sql) or die("insert fails");

if (isset($result)) {

mkdir ($uid);
mkdir ("$uid/DOCS");

$fh = fopen("$uid/list.php", "w+");

if($fh==false)
die("unable to create file");


if($fh)
{

if(!fwrite($fh, "<?



session_start();

if (!isset(\$_SESSION['uid'])) {
\$_SESSION['uid'] = \$_REQUEST['uid'];
\$_SESSION['pwd'] = \$_REQUEST['pwd'];

}

\$uid = \$_SESSION['uid'];
\$pwd = \$_SESSION['pwd'];



\$res = mysql_query(\"SELECT * FROM users WHERE uid='\$uid' AND pwd='\$pwd' and status='active'\");
\$re = mysql_fetch_array(\$res);

if(mysql_num_rows(\$res) != 0) {



if (\$uid == '$uid') {

// Define the full path to your folder from root
\$path = \"users/administrator/docs/\";

// Open the folder
\$dir_handle = @opendir(\$path) or die(\"Unable to open \$path\");

// Loop through the files
while (\$file = readdir(\$dir_handle)) {

if(\$file == \".\" || \$file == \"..\" || \$file == \"list.php\" )

continue;
\$a = \$file;
\$b = \"<a href=users/administrator/docs/\";
\$c = \">\$file</a><br>\";

echo \$b ;
echo \$a ;
echo \$c ;

}

// Close
closedir($dir_handle);

}
;} else { echo \"<p>YOU DO NOT HAVE ACCESS TO THIS DIRECTORY, PLEASE LOG IN!</p>\" ;}



?>

"))
die("couldn't write to file.");





// GENERATE THE PASSWD FILE

$fh = fopen("../../htpasswds/$uid.passwd", "w+");

if($fh==false)
die("unable to create Account");



//GENERATE THE CONTENTS

function htpasswd($pwd) {
$pass = crypt(trim($pass),base64_encode(CRYPT_STD_DES));
return $pass;
}

$PASSWD = htpasswd($pwd);




if(!fwrite($fh, "$uid:$PASSWD"));


// GENERATE THE HTACCESS FILE

$fh = fopen("$uid/docs/.htaccess", "w+");

if($fh==false)
die("unable to create Account");

if(!fwrite($fh, "AuthType Basic
AuthName \"Password Required\"
AuthUserFile E:/WEBSERVER/ROOT/htpasswds/$uid.passwd
Require Valid-User
"))


;}


echo "<br><b><center>Account Successfully Created!</b> - Login Below</b></center>";
include(INC_DIR."login.php");

} else {
echo "<br>Error Inserting Record. Contact Site Admin<br>";
}

} else {

echo "<font color=red>User with that Email Address or Username already exists. <a href='".BASEHREF."/forgotpass.php'>Forgot Password?</a></font><br>";

}
} else {

include(INC_DIR."signup.php");

}

} else {


include(INC_DIR."signup.php");


}


include(INC_DIR."footer.php");

db_disconnect();




?>


as you can see the user directories are created along with any needed files when the user signs up