Nik:

You wrote C:\Progra... in one spot, and then D:/Down.... later in that line. Which way do you want those toothpicks to lean?

Have you tried D:\Downloads\Plus\passwords?

Or perhaps the other way 'round:

print `"C:/Program Files/Apache Software Foundation/Apache2.2/bin/htdi
+gest" -b D:/Downloads/Plus/passwords "You Must Be Registered In Order
+ To Post!" $username $password` or die $!;
[download]

s**lil*;  $*=join'',sort split q**;  s;.*;grr; &&s+(.(.)).+$2$1+; $; =
qq-$_-;s,.*,ahc,;$,.=chop for split q,,,reverse;print for($,,$;,$*,$/)
[download]

I'll assume that you use digest authentication. There are some things that you need to be aware of. First, it's still somewhat experimental. Second, it's more secure than basic authentication, but not all browsers support it. Amaya, Kongueror, MSIE for Mac OX, and Windows IE (but that can fail with GET requests with query strings) support it. Mozilla, Netscape 7, Opera, Safari, and lynx do not support it. In other words, you should only use it in an environment where all users have a supporting browser.

As to what the error is, htdigest -b should probably be htdigest -c. I couldn't find anything in the docs for -b.

It looks like you're using some kind of Apache htauth thingy for access control. Frankly, there are better and more secure ways of doing this.

I'd look into putting your usernames and passwords into a database (I'd suggest MySQL) and using perl to validate them. You could use sessions (either CGI::Session or Apache::Session) to keep track of authorization and have each page in the directory check the session to see if the user has been authorized. If you must be registered in order to post, this offers a much better way of keeping track of your users. I'd try and stay away from htdigest, htpass, and .htaccess unless there is no other option.

Why, whats wrong with htdigest? Fianlly i did this and it worked!

use Digest::MD5;
...
...
#***********CHECK IF USER ALREADY EXISTS & ITS NOT AN AUTOMATED SCRIPT
+**********
$select = $dbh->prepare( "SELECT username, date FROM users WHERE usern
+ame = ? AND date > DATE_SUB(NOW(), INTERVAL 5 MINUTE)" );
$select->execute( $username );

if ( $select->rows ) {
        print h1( {class=>'cyan'}, "Αυτός &#9
+59; Χρήστης υπά&#96
+1;χει ήδη! Διάλ&#94
+9;ξε άλλο όνομ&#945
+; χρήστη!" );
        exit 0;
}


#***********ADD NEW USER TO THE DIGEST PASSWORD FILE & TO THE DATABASE
+**********
my $user  = $username;
my $realm = "You Must Be Registered In Order To Post!";
my $pass  = $password;

open(FILE, ">>/path/to/password/file") or die $!;
     print FILE "$user:$realm:" . Digest::MD5::md5_hex("$user:$realm:$
+pass") . "\n";
close(FILE);

$select = $dbh->prepare( "INSERT INTO users (username, password, email
+, date, host) VALUES (?, ?, ?, ?, ?)" );
$select->execute( $username, $password, $email, $date, $host);
[download]

Isnt that approach an ok option to use?

ps. Is it safe to keep the password file inside the www directory or put it outside the webroot better?!