|
the server variable REMOTE_USER can be used within your system to get the username that was used to sign in when using .htaccess authentication. CCBill does support writing to a mysql username/password.
Strongbox prevents password trading by inserting its own authentication method using mod_rewrite, but, reads the .htpasswd file (or mysql database) so that it knows what usernames are allowed. Password hackers will run dictionary attacks against members sites that they want to get into (200,000+ user/password combinations they have grabbed over the years), so, if you write your own authentication handler, be prepared to have a lot of proxy servers knocking on the door. Strongbox also puts in captcha (if desired) and a number of other things to prevent automated surfing/login.
The simple answer in your case would be to adapt your existing system to read the .htpasswd file (or mysql table) for the authentication and use the same internal methods that you have used on all of your other sites. No sense reinventing the wheel.
__________________
SnapReplay.com a different way to share photos - iPhone & Android
|
2009-02-02, 08:59 AM
Hybrid Mode
