Thus leaving the FTP account's password in view of the httpd, which is even worse...
miguel On Fri, 3 May 2002, serj wrote: > You could use fopen() to connect to the file via ftp therefore keeping > the .htaccess file owned by the user for increased security. > > Josh Boughner > > On Fri, 3 May 2002, Mike Eheler wrote: > > > It's possible, but is it really recommended? Wouldn't the > > .htaccess/.htpasswd file have to be owned by the apache user, which > > might leave it open to being overwritten by any kind of a > > weak/exploitable script? > > > > Mike > > > > Josh & Valerie McCormack wrote: > > > I've used the script phtaccess, which I think used the mentioned class. > > > Super easy to use. > > > > > > Josh > > > > > >> On Wed, 1 May 2002, Kelly Meeks wrote: > > >> > > >>>> Is is possible to use php to admin a password file used by a > > >>>> .htaccess file? > > >>> > > >>> > > >> > > >> You should check the File_Passwd class from PEAR. > > >> > > >> http://chora.php.net/cvs.php/php4/pear/File > > >> > > >> -- > > >> Mika Tuupola http://www.appelsiini.net/~tuupola/ > > >> > > > > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
