Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much


by kayos (Sexton)
on Apr 25, 2000 at 21:04 UTC ( #9034=sourcecode: print w/replies, xml ) Need Help??
Category: CGI programming
Author/Contact Info T.R. Fullhart,

If you have a "membership" area that uses HTTP Basic Auth, then you probably have to edit the .htpasswd file pretty often. This module let's you treat the .htpasswd file as a Tied hash.

This module uses Apache::Htpasswd.


use Tie::Htpasswd; tie %htpasswd, 'Tie::Htpasswd', "/home/httpd/htdocs/.htpasswd"; $htpasswd{username} = "password"; # assignment automatically crypt() +s delete $htpasswd{username}; # removed from .htpasswd untie %htpasswd; # save the file
# $Id:,v 1.3 2000/05/24 20:27:48 kayos Exp $
package Tie::Htpasswd;

use strict;
use vars qw($VERSION);
use Apache::Htpasswd;

$VERSION = sprintf("%d.%02d",q$Revision: 1.3 $ =~ /(\d+)\.(\d+)/);

my $F_FILENAME = 0;
my $F_DATA = 1;

        my ($pkg, $filename) = @_;
        my $obj = [];

        $obj->[$F_FILENAME] = $filename;
        $obj->[$F_DATA] = new Apache::Htpasswd($filename);

        return (bless $obj, $pkg);      

sub FETCH {
        my ($self,$key) = @_;
        return $self->[$F_DATA]->fetchPass($key);

sub STORE {
        my ($self,$key,$value) = @_;
        if($self->[$F_DATA]->fetchPass($key)) {
        } else {
        return $self->[$F_DATA]->fetchPass($key);

sub DELETE {
        my ($self,$key) = @_;
        my $prev_value = $self->[$F_DATA]->fetchPass($key);
        return $prev_value;

sub EXISTS {
        my ($self,$key) = @_;
        my $result = $self->[$F_DATA]->fetchPass($key);
        return ( $result );

        my ($self) = @_;
        undef $self->[$F_DATA];

Replies are listed 'Best First'.
RE: Tie::Htpasswd
by KM (Priest) on May 20, 2000 at 04:03 UTC
    One thing you are not doing is using any type of locking in this module. This can present a race condition if more than one instance of this script is running at the same time. This can be a common mistake, and may not be so horrible when this wipes out someones hit counter, but a password file is something different. Take a look at MJD's Perl Hardware Store talks at (and a few slides after that one).

    You may also want to consider having the module import and use some of the methods from Apache::Htpasswd, which already has a locking scheme.

    Another possible problem is that you do not re-read the password file before writing it. If you script opens the file, and while it does other things another process writes to the file, you will wipe out whatever changes were made. The DESTROY function should only change what is needed, as opposed to writing out whatever you have saved. Consider this:

    • * Tie::Htpasswd reads in the file data in TIEHASH
    • * someone runs htpasswd and adds a new user or two
    • * Tie::Htpasswd::DESTROY() is called, and rewrites the file with the data based on what was read in in TIEHASH.
    • * Data is now not what it should be.

      Thanks. I was just going to add locking and all that, so I decided to check out Perl Monks to see if anyone commented on it. I'll check out Apache::Htpasswd.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: sourcecode [id://9034]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (5)
As of 2021-01-20 10:42 GMT
Find Nodes?
    Voting Booth?