Hi. I am just wondering if anyone knows of limitations to .htaccess password protection. I have just made a site I partnered with free membership based. In 3 days we have had 250+ sign ups. What I am wondering is, what is the limitations of .htaccess? Is there a better way to protect?
Also, when I do a check to see if the user exists I have to put all of the usernames into an array, see below code. Is this secure, and how will it affect the speed?
open(HTPASSWD,"/home/pokemon/public_html/free/.htpasswd");
flock(HTPASSWD, LOCK_EX);
@htpasswd = <HTPASSWD>;
close(HTPASSWRD);
flock(HTPASSWD, LOCK_UN);
foreach $line (@htpasswd)
{
if ($line =~ /$username\:\:.+/) { &error_username_exists; exit; } else { $return = 1; }
}
Is this effective? I doubt very much it is...LOL.
I am looking into SQL, would this be a better option?
Thanks for any help and pointers you can offer.
Andy
webmaster@ace-installer.com
http://www.ace-installer.com
Also, when I do a check to see if the user exists I have to put all of the usernames into an array, see below code. Is this secure, and how will it affect the speed?
open(HTPASSWD,"/home/pokemon/public_html/free/.htpasswd");
flock(HTPASSWD, LOCK_EX);
@htpasswd = <HTPASSWD>;
close(HTPASSWRD);
flock(HTPASSWD, LOCK_UN);
foreach $line (@htpasswd)
{
if ($line =~ /$username\:\:.+/) { &error_username_exists; exit; } else { $return = 1; }
}
Is this effective? I doubt very much it is...LOL.
I am looking into SQL, would this be a better option?
Thanks for any help and pointers you can offer.
Andy
webmaster@ace-installer.com
http://www.ace-installer.com