You also can't overwrite files using the fopen() method. You'd need to FTP in, then delete the file, then fopen() it.. or just do the whole thing in one FTP session (write to a temp file, upload it, erase the temp file).
Mike Miguel Cruz wrote: > Thus leaving the FTP account's password in view of the httpd, which is > even worse... > > miguel > > On Fri, 3 May 2002, serj wrote: > >>You could use fopen() to connect to the file via ftp therefore keeping >>the .htaccess file owned by the user for increased security. >> >>Josh Boughner >> >>On Fri, 3 May 2002, Mike Eheler wrote: >> >> >>>It's possible, but is it really recommended? Wouldn't the >>>.htaccess/.htpasswd file have to be owned by the apache user, which >>>might leave it open to being overwritten by any kind of a >>>weak/exploitable script? >>> >>>Mike >>> >>>Josh & Valerie McCormack wrote: >>> >>>>I've used the script phtaccess, which I think used the mentioned class. >>>>Super easy to use. >>>> >>>>Josh >>>> >>>> >>>>>On Wed, 1 May 2002, Kelly Meeks wrote: >>>>> >>>>> >>>>>>>Is is possible to use php to admin a password file used by a >>>>>>>.htaccess file? >>>>>>> >>>>>> >>>>> You should check the File_Passwd class from PEAR. >>>>> >>>>> http://chora.php.net/cvs.php/php4/pear/File >>>>> >>>>>-- >>>>>Mika Tuupola http://www.appelsiini.net/~tuupola/ >>>>> >>>>> >>>> >>> >>> >>>-- >>>PHP General Mailing List (http://www.php.net/) >>>To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
