[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Basic Authentication for web pages



Careful:  You are passing the password as part of a command line, and
command lines are visible to the world!  Instead of using an echo command,
you should open a pipe to the nwauth command and write the password down the
pipe.  Not knowing php, you are on your own <g>!

>////////////////////////////////
>function nwauth ($nwserver, $user, $pass) {
>  $command=sprintf("echo \"%s\" | nwauth -S %s -U %s",  // parsing the
>                    $pass, $nwserver, $user);          // command
>    $out = array();                           // Just a dummy variable
>    exec($command,$out,$auth);                // *THE* meat!
>    if ($m_auth<>0){
>      return 0; // failed authentication
>    } else {
>      return 1; // passed
>    }
>  }
>///////////////////////////////////




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []