Re^6: HTTPD-Password Self-Management and Recovery

What you are describing here is the so-called lost-update problem. This can be avoided by using file-locking as you correctly pointed out.

File locking does not make the server unavailable (for reading the old file) as long as you only use a write-lock and not a read-lock. A write-lock is completely sufficient in this case.

Edit: The reason I don't intend to do a database-centered login is that I would actually like not to add a database and to separate the authentication from the application.

Comment on Re^6: HTTPD-Password Self-Management and Recovery

Replies are listed 'Best First'.
Re^7: HTTPD-Password Self-Management and Recovery by CountZero (Bishop) on Dec 04, 2011 at 20:54 UTC
A write lock will block a second "recover password" attempt when the first one is running and has not yet released the lock. I grant you that it is probably an unlikely event, but still ... CountZero A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James	[reply]

Replies are listed 'Best First'.

Re^7: HTTPD-Password Self-Management and Recovery
by CountZero (Bishop) on Dec 04, 2011 at 20:54 UTC

CountZero

A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

[reply]