PDA

View Full Version : htaccess has quit working for all members. Seems to randomly deny access to some



companydesigns
03-10-2011, 11:33 PM
Years ago, I wrote a members area database script in perl which contains members of our navy ship association. USSMtMcKinley.Com. At present, this db is a simple flat file but I intend to upgrade to MySql soon.

In the last six months or so, the htaccess for the restricted members dir has quit working properly. I use a perl script in the database that I wrote to seed and encrypt the passwords. This worked flawlessly for years. It continually adds new members. Lately, since it quit working, I modified it so it would run through the database and recreate the entire laundry list of usernames and encrypted passwords in the .htpasswd file each time. Of course I write them to a temp file and then rename it so it replaces the current file instead of adding to it. It still denies access to certain random users. Whenever I run the script, save a record, and it automatically rebuilds the password file it seems different people are randomly shut out. I have checked many times and the users denied still have their user names and encrypted passwords in the htaccess database file. I am at a loss. I have tried changing the seeding routine but nothing changes. Every day someone new emails me and complains about being shut out.

I have over 700 entries in this file and here is a sample;

Does anyone have any idea what has changed that could have caused this? I made no changes in my script prior it breaking.

971:ufnEweoPVEKd.
956:6d65Xw42Sqgs.
1169A:ol6XtPTtPyJ7w
900:38aUE9lUANpXA
1173:emdBxwP78lOkY
368:euc2TDSw6jjw6
1049A:kakD02A5T0ZmM
891:io7Cpj3qMK70k
729:ooEozWd/PXO8g
1125A:poO24wDjzHEgY
785:co6MWTVxWjUsE
392:ep5BUYonmkk56
928A:m6W.EeuzJCB4g
024C:loMehTqbHEHS2
928:keAbpm8oH.dY2

wildjokerdesign
03-11-2011, 05:44 AM
I would say there are two places to start with this. First I would compare the encrypted passwords from an old file with a new one. This would mean you would want to save a back up or copy of the old ones when a new one is made. This would let you know if the passwords are indeed being changed. If they are then see if you can find any info on the process you are using to encrypt the passwords and the ones you use to read and write the file. Review the flate file with something like EditPlus that is in my sig. With this program you can turn on the ability to view things like line ending, tabs and spaces. This might reveal something that is getting added that is not visible in a regular editor.