Password protect directories
Hello
Is there a way to set up (and remove) users automatically (like in a cron for example) that have access to a password protected directory without going through cPanel. We have full root access to the server in question. We'd be taking orders through a web-based form and allowing access after approval. That access expires in, say, 15 days, so we'd run a cron to delete those users at the specified time.
Thanks
Brian
well first you'd have to determine each user's total days so you know which user to remove, I assume from the htpasswd file storing the username/passwords. A script would need to deduct one day, each day, then when it hits 0 days, counting down from 15 days, the script would then find the user in the password file and remove them. This can be done via a cronjob each night. But first establish each user's total days is some sort of a database then count them down each nite.Originally Posted by bpmod
This would probably be the best approach. We've done this with many of the membership management system we've built for our clients.
Mickalo
Thunder Rain Internet Publishing
Providing Internet Solutions that work!
Custom Perl and Database Programming
Yes, that part is all worked out. I have a form whereby the (potential) user enters all of his pertinent info, which is then entered into the db with a field called status (set to pending). The owner then approves the user, changing the status to approved. At that point there is an entry in the users table that has a field expiry (15 days hence) and each night the cron will run deleting the users who expire that day.
My stumbling block is the script which actually adds/deletes the users in the htpasswd file.
Thanks
Brian
is your current application written in Perl, PHP ... or what ?
when the user is deleted from the database, then it can then remove the user from the password file at the same time.
Mickalo
Thunder Rain Internet Publishing
Providing Internet Solutions that work!
Custom Perl and Database Programming
User a simple wget for the URL
or use something more like:
$request="/frontend/x/htaccess/deluser.html?dir=/home/yourusername/public_html/yourdirectory&user=usernametodelete";
cprq("yourdomain.tld", "2082", "cpusername", "cppassword", $request);
function cprq($host,$port,$owner,$pass,$request) {
$sock = fsockopen($host,$port);
if(!$sock)
{
print('Socket error');
exit();
}
$authstr = "cpusername:cppassword";
$pass = base64_encode($authstr);
$in = "GET $request\r\n";
$in .= "HTTP/1.0\r\n";
$in .= "Host:$domain\r\n";
$in .= "Authorization: Basic $pass\r\n";
$in .= "\r\n";
fputs($sock, $in);
while (!feof($sock)) {
fgets ($sock,128);
$result .= fgets ($sock,128);
}
fclose( $sock );
return $result;
}
User a simple wget for the URL
or use something more like:PHP Code:http://cpusername:cppassword@domain.tld:2082/frontend/x/htaccess/deluser.html?dir=/home/yourusername/public_html/yourdirectory&user=usernametodelete
$request="/frontend/x/htaccess/deluser.html?dir=/home/yourusername/public_html/yourdirectory&user=usernametodelete";
cprq("yourdomain.tld", "2082", "cpusername", "cppassword", $request);
function cprq($host,$port,$owner,$pass,$request) {
$sock = fsockopen($host,$port);
if(!$sock)
{
print('Socket error');
exit();
}
$authstr = "cpusername:cppassword";
$pass = base64_encode($authstr);
$in = "GET $request\r\n";
$in .= "HTTP/1.0\r\n";
$in .= "Host:$host\r\n";
$in .= "Authorization: Basic $pass\r\n";
$in .= "\r\n";
fputs($sock, $in);
while (!feof($sock)) {
fgets ($sock,128);
$result .= fgets ($sock,128);
}
fclose( $sock );
return $result;
}
It's written in PHP. My weak points are creating the encrypted password for adding to the file (I can see that the password I have assigned is not what is in the file), and quickly finding the record to delete without using up too much time & resources.
I was hoping that there'd be a standard script already written.
Thanks for your help.
Brian
Done and working great!
Thanks for the guidance.
Brian
LinkBack URL
About LinkBacks
Reply With Quote