Help Speed Up a MySQL Query by Helping the Optimizer

Here’s a noob-to-noob optimization trick. Suppose you have a database table with, say, 200,000 records, and you regularly select on multiple criteria. The rule for selection is to put the most specific WHERE clause first, and the least specific last. The goal is to cut down the search set to something small, and then search through the smaller set. Get all the queries using this order, then create a composite index over the keys to speed up the search even more. Continue reading Help Speed Up a MySQL Query by Helping the Optimizer

htdigest Password Function in PHP

This is a function to change a password within an htdigest password database file. htdigest is one method of user authentication in Apache HTTP Server.

Global $htdigest contains a path to the htdigest file. Global $domain is the security domain.

The htdigest formula for the hash is:


htdigest is like htpasswd, except it uses the md5 hash for hiding the password, and it supports digest authentication. Digest authentication is more secure than “basic” authentication, because basic authentication sends your password in clear text. Digest authentication sends a hash. This is ever-so-slightly more secure. (Use SSL for real security.)

For more information: read the caveat about basic authentication.

function changePass( $username, $secdom, $oldp, $p )
        global $domain;
        global $htdigest;

        $changed = false;
        $in = fopen( $htdigest, 'r' );
        while ( preg_match("/:/", $line = fgets($in) ) )
                $line = rtrim( $line );
                $a = explode( ':', $line );
                if ($a[0]==$username && $a[1]==$secdom)
                        if ($a[2] == md5("$username:$secdom:$oldp"))
                                $a[2] = md5("$username:$secdom:$p");
                                $changed = true;
                                print "Old password was wrong, or username exist
                $output .= implode( ':', $a )."\n";
        if (! $changed) // assume it's a new password
                $hash = md5("$username:$secdom:$p");
                $output .= "$username:$secdom:$hash\n";
        $out = fopen( "$", 'w' );
        fwrite( $out, $output );
        fclose( $out );
        system("mv -f $ $htdigest");