In case anyone was holding their breath, I have just realised that the data I wanted to store on the server can be stored elsewhere (in the application data area, as a property of a stack). So I won’t be in such a hurry to learn this stuff, though I know its value and will do so eventually.
Graham I wrote just now: > OK, I’ll be looking at it: I was not planning to use LiveCode server for this > task, although as a matter of fact I do have a copy on the site in question > for other purposes. > > Thanks to you and to Richard G. I’ll report back when I’ve sorted it out. > > Graham > >> On 6 Mar 2018, at 17:38, Mike Bonner via use-livecode >> <use-livecode@lists.runrev.com> wrote: >> >> The specific lesson for lc server file uploads is here: >> http://lessons.livecode.com/m/4070/l/40708-how-to-upload-a-file-with-livecode-server >> >> but as mentioned, setup https first! >> >> On Tue, Mar 6, 2018 at 9:33 AM, Richard Gaskin via use-livecode < >> use-livecode@lists.runrev.com> wrote: >> >>> Graham Samuel wrote: >>> >>>> However, I don’t seem to be able to mimic what my FTP software >>>> (Transmit on the Mac, or FileZilla) can do, which is to easily delete >>>> a file on a server - the file in question is part of a web site >>>> hosted by DreamHost. I just want to use the URL functionality to do >>>> this, as discussed in my conversation below, but I always get 405 >>>> (http) or 530 (ftp). I have a vague suspicion that I should be >>>> transmitting my credentials to the server, which of course I did when >>>> I set up my FTP client, but I have absolutely no idea how to do this. >>>> >>>> Many members of this list must have mucked around with files on a >>>> server - can someone point me to a tutorial on all this? >>> >>> If there were, it would not be a short one. >>> >>> If you could delete a file via HTTP alone, then anyone with a browser >>> could delete files on your server. >>> >>> FTP is unsafe to use on the Internet, as it sends passwords in clear text. >>> >>> You could consider FTPS or SFTP, which are not available in the Community >>> Edition but are in others via tsNet - but not without risk: >>> >>> FTP and its secure variants are designed for ad hoc management of remote >>> file stores. You can delete the file in question, but also any other, and >>> can modify anything on the server in any way you like. >>> >>> This is useful in tools like Filezilla, where the password is only stored >>> on your own computer. >>> >>> But if you hard-wire the password in a script, and that script is part of >>> a publicly-distributed app, a memory dump can reveal the key to having >>> complete control over everything on your server. >>> >>> The most common way for apps to perform write tasks on servers is through >>> an HTTP API, which would require something on the server to process the >>> requests. That something can be PHP, Python, LiveCode Server, or other >>> languages that work well with CGI. >>> >>> You'd still want some way to authenticate the request, but since it's used >>> only in a server script you write the scope of what can be done with it is >>> much more limited. >>> >>> And of course that assumes your web server is using HTTPS so credentials >>> can be sent over secured connection, but given the many benefits of HTTPS >>> and the free availability of SSL certs via the Let's Encrypt project >>> (Dreamhost has a convenient option for Let's Encrypt in their control >>> panel) I'm hoping we can assume all web servers managed by developers >>> already have or will soon have HTTPS in place. >>> >>> A tutorial for getting started with LiveCode Server is here: >>> https://livecode.com/resources/guides/server/ >>> >>> I wish I had a one-liner solution for you. But in the hostile environment >>> of the Internet, writing network applications requires much more diligence >>> than we used to enjoy back in the day. >>> >>> -- >>> Richard Gaskin >>> Fourth World Systems >>> Software Design and Development for the Desktop, Mobile, and the Web >>> ____________________________________________________________________ >>> ambassa...@fourthworld.com http://www.FourthWorld.com >>> >>> >>> _______________________________________________ >>> use-livecode mailing list >>> use-livecode@lists.runrev.com >>> Please visit this url to subscribe, unsubscribe and manage your >>> subscription preferences: >>> http://lists.runrev.com/mailman/listinfo/use-livecode >>> >> _______________________________________________ _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
