axy/htpasswd

Working with htpasswd file

axy\htpasswd

Working with htpasswd file (PHP)., _(*1)

, _(*2)

Documentation

The library provides program API for manipulation with htpasswd file (for console utility see axypro/htpasswd-cli)., _(*3)

use axy\htpasswd\PasswordFile;

$file = new PasswordFile('/path/to/.htpasswd');
$file->setPassword('nick', 'password');
$file->setPassword('john', '123456');
$file->save();

Currently supported the following algorithms (constants of PasswordFile::*):, _(*4)

• ALG_MD5: Apache APR1-MD5 algorithm (by default)
• ALG_BCrypt: Blowfish
• ALG_SHA1: SHA-1
• ALG_CRYPT: crypt (unix)
• ALG_PLAIN: Plain text (not supported of servers on some platforms).

__construct([string $filename])

The constructor takes the name of a htpasswd file., _(*5)

Or NULL: analogue of the option -n of the console utility:, _(*6)

$file = new PasswordFile();
$file->setPassword('nick', 'password');
$file->getContent(); // out of the "file" content

$file->save(); // Exception FileNotSpecified

setPassword(string $user, string $password [, string $algorithm, [array $options]): bool

Sets the password $password for a user $user. For hashing uses $algorithm (by default Apache MD5)., _(*7)

$options is an array of options for hashing. Only cost for BCrypt supported (integer in the range 4 to 31), _(*8)

Returns TRUE if a new user has been created. And FALSE if has been changed the password of an existing user., _(*9)

remove(string $user): bool

Removes a user from the file. Returns TRUE is the user has been removed. And FALSE if the user was not found., _(*10)

verify(string $user, string $password): bool

Returns TRUE if a $user exists and has $password as the password., _(*11)

isUserExist(string $user): bool

Returns TRUE is a user exists in the file., _(*12)

if (!$file->isUserExist('john')) {
    echo 'John? I do not known you.';
    exit();
}
if (!$file->verify('john', 'password')) {
    echo 'You are not John! You are an impostor!';
    exit();
}
echo 'Hello, John';

getContent(void): string

Returns the file content (without saving)., _(*13)

save(void): void

Saves the content to the file (if it is specified)., _(*14)

In contrast, from the utility htpasswd (see the option -c) the existing file always changing (not overwritten). Nonexistent file is created., _(*15)

setFileName(string $filename): void

Sets a new filename. The content of the old file will be loaded and saved to the new (after save())., _(*16)

getFileName(void): string

Returns the current specified file name., _(*17)

Exceptions

In the axy\htpasswd\errors namespace., _(*18)

• InvalidFileFormat: a password file has invalid format.
• FileNotSpecified: throws from save() if the file is not specified in the constructor.