http://qs321.pair.com?node_id=207944

George_Sherston has asked for the wisdom of the Perl Monks concerning the following question:

I'm using Apache::Htpasswd to manage log-ins to a web site. User/Password pairs are stored in a text file. It works fine for creating and deleting the User/Pwd pairs. But when I try to let users change their passwords I get into trouble.

What happens is that the password changes fine, but then the next user in the list doesn't work. When I look at the password file what I find is, when I'm changing password for user3,
before:
user1:pwd1 user2:pwd2 user3:pwd3 user4:pwd4 user5:pwd5 user6:pwd6
after:
user1:pwd1 user2:pwd2 user3:newpwd3:user4:pwd4 user5:pwd5 user6:pwd6
So user3 has a new password, but user4 can't log in at all (n.b. the extra : between newpwd3 and user4 is what actually appears, oddly enough).

I've stripped down the code that does this to the bearest essentials, and it still exhibits this behaviour:
my $g = shift; my $UserName = shift; print h1 "new $g->{NewPassWord}, old $g->{OldPassWord}"; # these details are shown to be correct my $pwd = new Apache::Htpasswd("/path/to/my/passwordfile"); #$pwd->htpasswd($UserName, $g->{NewPassWord}, $g->{OldPassWord}); # either with the line above or the line below it still goes wrong: $pwd->htpasswd($UserName, $g->{NewPassWord}, 1);
I'm really stumped by this. One option is to delete the user and then create a new user with the same user name but a different password. But (A) that creates the very faint risk of a race condition and somebody else getting in with the same user name; and (B) it bothers me not to understand why this is going wrong. But I must confess I don't understand. I'd be most grateful to any sibling monk who can shed some light.

George Sherston