axy/htpasswd

Working with htpasswd file

Maintainers

👁 axy

Package info

github.com/axypro/htpasswd

pkg:composer/axy/htpasswd

Statistics

Installs: 28 924

Dependents: 3

Suggesters: 0

Stars: 0

Open Issues: 0

2.0.0 2023-03-18 20:38 UTC

Requires

Requires (Dev)

Suggests

None

Provides

None

Conflicts

None

Replaces

None

MIT 7306269f86e3b671d9251af638c47f46ba276fb2

  • Oleg Grigoriev <go.vasac.woop@gmail.com>

This package is auto-updated.

Last update: 2026-06-19 17:12:10 UTC

README

Working with htpasswd file (PHP).

👁 Latest Stable Version
👁 Minimum PHP Version
👁 Tests
👁 Coverage Status
👁 License

Documentation

The library provides program API for manipulation with htpasswd file (for console utility see axypro/htpasswd-cli).

use axy\htpasswd\PasswordFile;

$file = new PasswordFile('/path/to/.htpasswd');
$file->setPassword('nick', 'password');
$file->setPassword('john', '123456');
$file->save();

Currently supported the following algorithms (constants of PasswordFile::*):

  • ALG_MD5: Apache APR1-MD5 algorithm (by default)
  • ALG_BCrypt: Blowfish
  • ALG_SHA1: SHA-1
  • ALG_CRYPT: crypt (unix)
  • ALG_PLAIN: Plain text (not supported of servers on some platforms).
__construct([string $filename])

The constructor takes the name of a htpasswd file.

Or NULL: analogue of the option -n of the console utility:

$file = new PasswordFile();
$file->setPassword('nick', 'password');
$file->getContent(); // out of the "file" content

$file->save(); // Exception FileNotSpecified
setPassword(string $user, string $password [, string $algorithm, [array $options]): bool

Sets the password $password for a user $user. For hashing uses $algorithm (by default Apache MD5).

$options is an array of options for hashing. Only cost for BCrypt supported (integer in the range 4 to 31)

Returns TRUE if a new user has been created. And FALSE if has been changed the password of an existing user.

remove(string $user): bool

Removes a user from the file. Returns TRUE is the user has been removed. And FALSE if the user was not found.

verify(string $user, string $password): bool

Returns TRUE if a $user exists and has $password as the password.

isUserExist(string $user): bool

Returns TRUE is a user exists in the file.

if (!$file->isUserExist('john')) {
 echo 'John? I do not known you.';
 exit();
}
if (!$file->verify('john', 'password')) {
 echo 'You are not John! You are an impostor!';
 exit();
}
echo 'Hello, John';
getContent(void): string

Returns the file content (without saving).

save(void): void

Saves the content to the file (if it is specified).

In contrast, from the utility htpasswd (see the option -c) the existing file always changing (not overwritten). Nonexistent file is created.

setFileName(string $filename): void

Sets a new filename. The content of the old file will be loaded and saved to the new (after save()).

getFileName(void): string

Returns the current specified file name.

Exceptions

In the axy\htpasswd\errors namespace.

  • InvalidFileFormat: a password file has invalid format.
  • FileNotSpecified: throws from save() if the file is not specified in the constructor.