thanks but i had that covered it seems to be the actual encrypting that has a problem i have got it writing to file but when im testing it the password doesnt seem to match what i put in or apache doesnt understant it the full code is
<?
require('..\main2.php');
db_connect();
include(INC_DIR."header.php");
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$pwd2 = $_POST['pwd2'];
$email = $_POST['email'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$city = $_POST['city'];
$folder = "/stor/";
$stor = $folder.$uid;
$u = strtolower($uid);
$pw = strtolower($pwd);
$pw2 = strtolower($pwd2);
$today = date("mdY");
if (!ctype_alnum($u) || strlen($u) < 4 || strlen($u) > 16) {
echo "<font color=red>Username must be between 4-16 characters (letters and numbers).</font><br>";
$err = "yes";
}
if (!ctype_alnum($pw) || strlen($pw) < 6 || strlen($pw) > 10) {
echo "<font color=red>Password must be between 6-10 characters (letters and numbers).</font><br>";
$err = "yes";
}
if ($pw != $pw2) {
echo "<font color=red>Password and password confirmation do not match.</font><br>";
$err = "yes";
}
if ($err == "") {
$sql="select * from users where email='$email' OR uid like '%$u%'";
$result=mysql_query($sql) or die("select fails");
$no=mysql_num_rows($result);
if ($no==0) {
$sql="insert into users(uid,pwd,fname,lname,city,userfolder,email,status,type,datesignup) values('$u','$pw','$fname','$lname','$city','$stor','$email','active','sing',NOW())";
$result = mysql_query($sql) or die("insert fails");
if (isset($result)) {
mkdir ($uid);
mkdir ("$uid/DOCS");
$fh = fopen("$uid/list.php", "w+");
if($fh==false)
die("unable to create file");
if($fh)
{
if(!fwrite($fh, "<?
session_start();
if (!isset(\$_SESSION['uid'])) {
\$_SESSION['uid'] = \$_REQUEST['uid'];
\$_SESSION['pwd'] = \$_REQUEST['pwd'];
}
\$uid = \$_SESSION['uid'];
\$pwd = \$_SESSION['pwd'];
\$res = mysql_query(\"SELECT * FROM users WHERE uid='\$uid' AND pwd='\$pwd' and status='active'\");
\$re = mysql_fetch_array(\$res);
if(mysql_num_rows(\$res) != 0) {
if (\$uid == '$uid') {
// Define the full path to your folder from root
\$path = \"users/administrator/docs/\";
// Open the folder
\$dir_handle = @opendir(\$path) or die(\"Unable to open \$path\");
// Loop through the files
while (\$file = readdir(\$dir_handle)) {
if(\$file == \".\" || \$file == \"..\" || \$file == \"list.php\" )
continue;
\$a = \$file;
\$b = \"<a href=users/administrator/docs/\";
\$c = \">\$file</a><br>\";
echo \$b ;
echo \$a ;
echo \$c ;
}
// Close
closedir($dir_handle);
}
;} else { echo \"<p>YOU DO NOT HAVE ACCESS TO THIS DIRECTORY, PLEASE LOG IN!</p>\" ;}
?>
"))
die("couldn't write to file.");
// GENERATE THE PASSWD FILE
$fh = fopen("../../htpasswds/$uid.passwd", "w+");
if($fh==false)
die("unable to create Account");
//GENERATE THE CONTENTS
function htpasswd($pwd) {
$pass = crypt(trim($pass),base64_encode(CRYPT_STD_DES));
return $pass;
}
$PASSWD = htpasswd($pwd);
if(!fwrite($fh, "$uid:$PASSWD"));
// GENERATE THE HTACCESS FILE
$fh = fopen("$uid/docs/.htaccess", "w+");
if($fh==false)
die("unable to create Account");
if(!fwrite($fh, "AuthType Basic
AuthName \"Password Required\"
AuthUserFile E:/WEBSERVER/ROOT/htpasswds/$uid.passwd
Require Valid-User
"))
;}
echo "<br><b><center>Account Successfully Created!</b> - Login Below</b></center>";
include(INC_DIR."login.php");
} else {
echo "<br>Error Inserting Record. Contact Site Admin<br>";
}
} else {
echo "<font color=red>User with that Email Address or Username already exists. <a href='".BASEHREF."/forgotpass.php'>Forgot Password?</a></font><br>";
}
} else {
include(INC_DIR."signup.php");
}
} else {
include(INC_DIR."signup.php");
}
include(INC_DIR."footer.php");
db_disconnect();
?>
as you can see the user directories are created along with any needed files when the user signs up
