Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

adding codes to .htacces wont let admin in after CGI auth!
 View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm)
Author Message
SlashDot
New Member
New Member



Joined: Jan 08, 2005
Posts: 22
Location: Bangladesh
PostPosted: Fri May 13, 2005 5:09 am Reply with quote
helo mates. i m back with another problem. after searching the forums i have managed to find the problem in the .htaccess. so at first i deleted this code:
Code:
# -------------------------------------------


# Start of NukeSentinel(tm) admin.php Auth


# -------------------------------------------


<Files .staccess>


deny from all


</Files>





<Files admin.php>


<Limit GET POST PUT>


require valid-user


</Limit>


AuthName "Restricted by NukeSentinel(tm)"


AuthType Basic


AuthUserFile  /home/slashdot/.htpasswds/.staccess


</Files>


# -------------------------------------------


# End of NukeSentinel(tm) admin.php Auth


# -------------------------------------------


then i went to senteniel admin scanned for admins set a pw for all of them. and then added this back to the .htacess:

Code:
# -------------------------------------------


# Start of NukeSentinel(tm) admin.php Auth


# -------------------------------------------


<Files .staccess>


deny from all


</Files>





<Files admin.php>


<Limit GET POST PUT>


require valid-user


</Limit>


AuthName "Restricted by NukeSentinel(tm)"


AuthType Basic


AuthUserFile  /home/slashdot/.htpasswds/.staccess


</Files>


# -------------------------------------------


# End of NukeSentinel(tm) admin.php Auth


# -------------------------------------------


eveyrhting worked fine then. but now it seems that the problem has re occured...:S
its not letting me in again and i am sure i am using the correct pw as i have used this only 2 hours ago to login with senteniel.

but when i remove the codes from .htacess everything seems to work just fine.

i know this is suposed to work fine.. but cant get it to work.
can someone please help me with this?
 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088
PostPosted: Fri May 13, 2005 6:00 am Reply with quote
Did you encode your password for .staccess with this script?
Code:
<?


/********************************************************/


/* HTTP Authentication Using PHP CGI and Apache         */


/* CGIAdminAuth.php                                     */


/* By: Raven PHP Scripts                                */


/* http://www.ravenphpscripts.com                       */


/* Copyright © 2004 by Raven PHP Scripts                */


/********************************************************/


echo <<< _TEXT_


This script is based on <a href="http://ravenphpscripts.com/postt2950.html#20975">this post</a> at <a href="http://ravenphpscripts.com">RavenPhpScripts.com</a>. Please read the post for explanations and instructions.<br />


Remember to remove this script from your web server after using it.<br /><br />


<form method='post'>


<table>


<tr>


<td>Enter secret file name:</td><td><input name='secretfile'></td>


</tr><tr>


<td>Enter user ID for admin authentication:</td><td><input name='user'></td>


</tr><tr>


<td>Enter password to be encrypted using crypt():</td><td><input name='pw'></td>


</tr><tr>


<td>Enter the 'salt' value for the encryption (2 long):</td><td><input name='salt' maxlength='2'></td>


</tr><tr>


<td>&nbsp;</td><td><input type='submit' name='submit' value='Encrypt'></td>


</tr>


</table>


</form>


_TEXT_;


extract($_POST);


if (isset($submit)&&!empty($pw)) {


   $rp = eregi_replace ('index.php', '', realpath('index.php'));


   $secretfilecontent = $user.":".crypt($pw,$salt)."<br />";


echo <<< _TEXT1_


   Save this in $rp.$secretfile : <br /><br />


   <font color='#00F'>$secretfilecontent</font>


   <br />


   Save this in $rp.htaccess :<br /><br />


   <font color='#00F'>&lt;Files .$secretfile&gt;<br>


   &nbsp;&nbsp;deny from all<br>


   &lt;/Files&gt;


   <br /><br />


   &lt;Files admin.php&gt;<br>


   &nbsp;&nbsp;&nbsp;&lt;Limit GET POST PUT&gt;<br>


   &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;require valid-user<br>


   &nbsp;&nbsp;&nbsp;&lt;/Limit&gt;<br>


   &nbsp;&nbsp;&nbsp;AuthName "Restricted"<br>


   &nbsp;&nbsp;&nbsp;AuthType Basic<br>


   &nbsp;&nbsp;&nbsp;AuthUserFile $rp<br>


   &lt;/Files&gt;<br></font>


_TEXT1_;


}


?>
 
View user's profile Send private message
BobMarion
Former Admin in Good Standing



Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)
PostPosted: Fri May 13, 2005 3:39 pm Reply with quote
Two questions, more if I think of any Wink:
1) Did you upload the sample.staccess file?
2) Did you rename it to .staccess?
3) Did you CHMOD it to 666?
4) Did you go back to NS Admin and tell it to update the .staccess file? (there's a link in the authors admin of NS)

_________________
Bob Marion
Codito Ergo Sum
http://www.nukescripts.net 
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm)


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©