以编程方式构建 htpasswd
是否有一种编程方式来构建 htpasswd 文件,而不依赖于操作系统特定的函数(即 exec()
、passthru()
)?
Is there a programmatic way to build htpasswd files, without depending on OS specific functions (i.e. exec()
, passthru()
)?
推荐答案
.httpasswd 文件只是具有特定格式的文本文件,具体取决于指定的散列函数.如果您使用的是 MD5,它们看起来像这样:
.httpasswd files are just text files with a specific format depending on the hash function specified. If you are using MD5 they look like this:
foo:$apr1$y1cXxW5l$3vapv2yyCXaYz8zGoXj241
那是登录名、冒号、,$apr1$、盐和 1000 次 md5 编码为 base64.如果您选择 SHA1,它们看起来像这样:
That's the login, a colon, ,$apr1$, the salt and 1000 times md5 encoded as base64. If you select SHA1 they look like this:
foo:{SHA}BW6v589SIg3i3zaEW47RcMZ+I+M=
这是登录名、冒号、字符串 {SHA} 和用 base64 编码的 SHA1 哈希.
That's the login, a colon, the string {SHA} and the SHA1 hash encoded with base64.
如果您的语言实现了 MD5 或 SHA1 和 base64,您可以像这样创建文件:
If your language has an implementation of either MD5 or SHA1 and base64 you can just create the file like this:
<?php
$login = 'foo';
$pass = 'pass';
$hash = base64_encode(sha1($pass, true));
$contents = $login . ':{SHA}' . $hash;
file_put_contents('.htpasswd', $contents);
?>
以下是有关格式的更多信息:
Here's more information on the format:
http://httpd.apache.org/docs/2.2/misc/password_encryptions.html
相关文章