On Wed, Jul 02, 2003 at 05:26:26PM -0500, Dean E. Weimer wrote: > > > > The ideal candidate would authenticate based on a MySQL table and would > > be able to handle multiple users with unique base directories. I'd > > rather not use an PHP-based FTP client, but I'm open to that if nothing > > else is available. > > Try http://www.wonko.com/notftp/ if you want a ready to use PHP Based FTP > client, If you are running on Unix or Open Source there should be FTP > servers available that can authenticate through MySQL.
Thanks very much for the link. It's unfortunate that NotFTP *is* in fact an FTP client, rather than not one. :-/ I really don't want to have to maintain a set of FTP accounts if I can avoid it, but I may look to NotFTP for "inspiration" on a user interface for my own tool. > > Before I write one myself, is there a package that has already been > > built that any one can recommend (or recommend against)? > > I tried this recently, But I discovered that this leaves users directories > rather insecure. At least when being used on a web server where users > could upload PHP scripts, since there is nothing to stop them from > uploading scripts that modify other users files. This can be solved neatly by use of open_basedir. Users' scripts can only read files according to limitations that I set on the server. And another option of course is to store all files in blobs in db table. I wouldn't do it for anything high traffic, but for cases where a file will be uploaded once and downloaded once or twice then deleted, I won't have to deal with ongoing performance issues. -- Paul Chvostek <[EMAIL PROTECTED]> it.canada http://www.it.ca/ Free PHP web hosting! http://www.it.ca/web/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
