[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Basic Authentication for web pages

From: "Scott Nelson" <sbnelson thermeon com>
To: <pam-list redhat com>
Cc: "Me" <wes smellycat com>
Subject: Re: Basic Authentication for web pages
Date: Wed, 3 Feb 1999 08:19:14 -0600

Careful:  You are passing the password as part of a command line, and
command lines are visible to the world!  Instead of using an echo command,
you should open a pipe to the nwauth command and write the password down the
pipe.  Not knowing php, you are on your own <g>!

>////////////////////////////////
>function nwauth ($nwserver, $user, $pass) {
>  $command=sprintf("echo \"%s\" | nwauth -S %s -U %s",  // parsing the
>                    $pass, $nwserver, $user);          // command
>    $out = array();                           // Just a dummy variable
>    exec($command,$out,$auth);                // *THE* meat!
>    if ($m_auth<>0){
>      return 0; // failed authentication
>    } else {
>      return 1; // passed
>    }
>  }
>///////////////////////////////////

Follow-Ups:
- Re: Basic Authentication for web pages
  - From: "Hossein S. Zadeh" <hossein@bf.rmit.edu.au>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []