Ftp Access Via Web Interface And Php

[charlesleo]

Hi. I've created a form on my webpage:

 

><form action="ftp.php/" method="POST">
<p><span class="logintext">Username</span>
<input name="username"">
</p>
<p><span class="logintext">Password</span>
<input name="password" type="password">
</p>
<p><input name="login" type="submit" value="login"></p>
</form>

 

With this, people should be able to login and access their FTP directory directly from their browser windows. Except, I cannot get any of the PHP scripts I have downloaded to work with the way TCH sets up their FTP access. Can someone show me an example PHP script with proper access setup please???

 

Thanks!

[TCH-Tim]

What does "ftp.php" look like?

[charlesleo]

I've posted the code on another forum - but no one has been able to solve my problem there:

 

http://www.v7n.com/forums/coding-forum/286...html#post296935

 

There were a couple solutions people posted - none which seems to have worked...

[TCH-Andy]

I'm not sure I totally understand what you want to do...

 

To get them to login to FTP via the browser you need to connect to

 

>ftp://user%40myserver.com:password@ftp.myserver.com

 

Please note that the "@" in the username has been replaced with the "%40" to prevent confusion between the two "@" you would otherwise have in the string.

[TCH-Tim]

An almost-working solution was posted to that forum yesterday. Using it I was able to login to my server, but I was not able to actually do anything once I got there (like navigate folders, delete files, etc.).

 

I'll poke around a little longer and see if I can come up with something.

[TCH-Tim]

Down around line 147 or so there is a note for Charles to "do above for vars below." If I do that, the script seems to work just fine.

 

I didn't write the script so I'm not going to post it here. And although I'm saying it works, I make no warranties in regards to how secure the script is. Use it at your own risk. Also keep in mind that if you ask it to delete something, it will not ask for confirmation first.

[charlesleo]

I'm not sure I totally understand what you want to do...

Thank you very much Andy. All I was looking to do (and still am) is provide a place for someone to submit their 'username' and 'password' in order to access their FTP directory via a browser's built-in FTP capabilities. All I want is a 'username' and 'password' interface.

 

I can create the HTML form, but I don't know what code I need to write in order to expedite this request. As for what has been posted (the code Tim is refering to below) - perhaps this is a bit 'bloated' for basic needs.

 

I know IE and Firefox on PCs support FTP request over browsers natively. However, I can't speak for Macintosh users. Perhaps this is the only downfall to built-in browser FTP sessions?

 

 

Down around line 147 or so there is a note for Charles to "do above for vars below." If I do that, the script seems to work just fine.

 

I didn't write the script so I'm not going to post it here. And although I'm saying it works, I make no warranties in regards to how secure the script is. Use it at your own risk. Also keep in mind that if you ask it to delete something, it will not ask for confirmation first.

Tim, I appreciate you taking your time to look at these scripts - everyone is such a great help here and at the other forum - I can't thank everyone enough. Embarassingly though, I can't get her noted changes to work. My PHP coding skills are virtually non-existent. I tried tinkering but I was left stupified. However, I am curious as to what you would do differently. I see your points in that this script is not fully-fleshed out. But I would prefer the above option in reply to Andy's post.

[TCH-Tim]

Charles,

 

Starting on line 142 in the code from yesterday is an if statement followed by a set of comments that reads:

>if (isset($_REQUEST["thingy"]))
{
	$thingy = $_REQUEST["thingy"];
}

//** charles do above for vars below
/*
		$_REQUEST["thingy"]
		$_REQUEST["chmod"]
		$_REQUEST["rename"]
		$_REQUEST["dl"]
		$_REQUEST["delete"]
		$_REQUEST["updir"]
		$_REQUEST["dir"]

*/

Replace that with:

>if (isset($_REQUEST["thingy"]))
{
	$thingy = $_REQUEST["thingy"];
}
if (isset($_REQUEST["chmod"]))
{
	$chmod = $_REQUEST["chmod"];
}
if (isset($_REQUEST["rename"]))
{
	$rename = $_REQUEST["rename"];
}
if (isset($_REQUEST["dl"]))
{
	$dl = $_REQUEST["dl"];
}
if (isset($_REQUEST["delete"]))
{
	$delete = $_REQUEST["delete"];
}
if (isset($_REQUEST["updir"]))
{
	$updir = $_REQUEST["updir"];
}
if (isset($_REQUEST["dir"]))
{
	$dir = $_REQUEST["dir"];
}

Make sure the $server variable is set to your ftp server (originally on line 206). That should be it to basically get it working. Where are you getting stuck? Are you getting any errors?

[charlesleo]

Hmm. I had that changed like you posted but was unable to create directories and delete files.

 

My server variable read:

 

$server="lunarstudio.com";

and previously (which didn't make a difference in this case):

$server="ftp.lunarstudio.com";

[TCH-Tim]

I didn't try uploading or creating files. I see the author also had a problem uploading files, but wrote it off as a permissions issue. They error I'm getting when uploading is "file bad," which it is not. CHMOD'ing everything to 777 doesn't help.

 

So I take it you are at least able to log in, navigate, delete, rename, and CHMOD - you just can't upload files or create directories?

[charlesleo]

I didn't try uploading or creating files. I see the author also had a problem uploading files, but wrote it off as a permissions issue. They error I'm getting when uploading is "file bad," which it is not. CHMOD'ing everything to 777 doesn't help.

 

So I take it you are at least able to log in, navigate, delete, rename, and CHMOD - you just can't upload files or create directories?

 

I couldn't download files either. At this point, I'm just possibly looking ditching this script. But there must be a simpler way to go about this using standard browser FTP functions.

 

So when a user enters their 'username' and 'password' from a simple form on a webpage (in my case - http://www.lunarstudio.com/login.html), it redirects them to:

 

ftp://username%40yourwebsite.com:password@yourwebsite.com

 

I just don't know how to go about writing, substituting, and concatenating all this. Basically, I can't code worth anything...

[TCH-Tim]

Like Andy says, I don't much see the need to have a PHP script do something that most browsers can do anyway, but I see why you might want an easier way for users to enter their username/pass.

 

The lady of the house has mandated that I install a ceiling fan right now, but I'll see what I can come up with later on. In my head I'm thinking it should be really easy.

[charlesleo]

LOL. It's definitely easier with the circuit breaker off... Oh - were you refering to the ceiling fan or script?

 

And yeah - I agree with the FTP bit. It just sounded so simple in theory (when clearly explained lol...)

Edited April 16, 2006 by charlesleo

[TCH-Andy]

I just created a page with a simple form on an javascript - if that will do ...

 

><html>
<head>
<title>Username/Password Script</title>

<script language="javascript">
<!--
function password(login) 
{
winAttributes= ' toolbar=no,location=no,scrollbars=no,resizable=no,width=800,height=600,left=1,top=1'; 
if ((document.login.user.value != "") && (document.login.pass.value != "")) 
{
window.open("ftp://"+document.login.user.value + "%40zzzzz.com:" + document.login.pass.value + "@zzzzz.com",'',winAttributes) 
}
else
{
alert('Please enter your Username and Password!, If you do not have one but would like access please email me zzzzz@zzzzz.com')
}
}
//-->
</script>

</head>

<body bgcolor="#000000" text="#cccccc">

<font face="arial,helvetica" size="2">

<div align="center">
<table cellpadding="2" border="2" bgcolor="#c0c0c0">
<tr>
<td><font face="arial,helvetica" size="2" color="#000000"><b>Username:</b></font></td>
<td><form name="login"><input name="user" type="text" size="10"></td>
</tr>
<tr>
<td><font face="arial,helvetica" size="2" color="#000000"><b>Password:</b></font></td>
<td><input name="pass" type="password" size="10"></td>
</tr>
<tr>
<td><center><input type="button" value="Login" onclick="password()">
</center></td>
<td><center><br><input type="Reset"></form></td>
</tr>
</table>

</div> 

</body>
</html>

 

You will need to replace the "zzzzz" in the code.

 

I just tested it, and if they just put in the first part of the username (without @domainname.com) and their password, it opens a new window for you with FTP.

[charlesleo]

Ohhhhh so nice... Thanks Andy! i'll have to check this out in a little bit.

 

Here's a simple .php script I've posted, but it locks me into some weird initial browser page. There's extra code which redirects you back to your page in case the info is invalid (in this case login.html):

 

><?php
$username=$_POST['username'];
$password=$_POST['password'];
if ($username == "" || $password == "")
{
/* Redirect to the login page if username or password is blank */
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$extra = 'login.html';
header("Location: http://$host$uri/$extra");
} else {
/* Redirect to the FTP server if username and password is set */
header("Location: ftp://$username%40zzzzz.com:$password@zzzzz.com");
}

exit;
?>

Edited April 16, 2006 by charlesleo

[TCH-Tim]

It's definitely easier with the circuit breaker off...

Circuit breaker? Nah, I just do it one-handed. (j/k of course - safety first kids.)

 

Anyway, this is what I came up with using PHP.

 

ftp.php, where zzzz.xxx is your domain name:

><?php

if (($username != "") && ($password != "")){
$server = "ftp://" . $username . "%40zzzz.xxx:" . $password . "@ftp.zzzz.xxx";
header("Location:" . $server);
exit();
} ?>

<html>
<head>
<title>FTP Login</title>
</head>
<body>

<form action="ftp.php" method="POST">
Enter a valid user name and password to login:<br />
<input type="text" name="username" /><br />
<input type="password" name="password" /><br />
<input type="submit" value="Login" />
</form>

</body>
</html>

[charlesleo]

Hey Tim. Thanks for posting that code - very handy and again I appreciate you all taking time out to do this.

 

Before I get to testing both of yours - I was kind of on a one-track-mind of solving my PHP code I posted two posts up. It works but it takes me to some root directory in IE wihch I cannot drag and drop files.

 

If I click on a test file within the browser window (for example to download it) then hit the browser back button, then I get the typical FTP browser window which is the one I would want. Can someone please explain why you would think it would be doing this?

 

Thanks!

[TCH-Tim]

I noticed that in IE, but haven't figured out how to fix it yet. Works like a peach in Firefox though.

 

I'll let you know if I find anything.

[charlesleo]

I just tried Andy's script - it works great in IE.

 

But in Firefox it just lists the files that are there and no ability to drag and drop or upload a file. Is this normal Firefox behavior or do you guys use a FireFox FTP plugin? I wouldn't want to have anyone pecking around for a plugin to download.

 

I'm beginning to wonder if FireFox's default FTP just sucks...

[TCH-Bruce]

I use the FireFTP extension and it actually launches an FTP client in the broswer window.

[charlesleo]

Will check it out - sounds interesting. I guess the Firefox people are not the one's one generally has to worry about...

 

A rather ignorant question on my behalf - is there a quick way to modify Andy's 'Alert' lines so that it is a page redirect instead? Also, the alert doesn't seem to be working in IE or Firefox.