Solved

Secure FTP connection, All browsers!!!

Posted on 2004-08-20
9
168 Views
Last Modified: 2010-04-06
Hello,

I need some advice.
I am building a web application in php.I work for a graphic design company. This application is a front end for a Image library. All the image files will be stored on a ftp server. I need a way to link to the files but not display ftp user/pass. What i am doing now is creating a pop-up which loads a php page which redirects to the ftp file (ftp://user:pass@ftp.domain.com:21/test.doc). This only works in some browsers:

IE- opens pop-up and save as dialog at same time, does not allow focus of pop-up until save as is clicked, and then pop-up close's (impossible to view source and see address)

netscape- opens pop-up and save as dialog, but displays link in netscape download manager.

Does anyone know of a way I can stop users from seeing the ftp user/pass?

If you need clarification on anything please ask
0
Comment
Question by:91mustang
9 Comments
 
LVL 2

Expert Comment

by:ryangclear
ID: 11860727
Wouldn't it be easier to do this with SQL queries and more secure? Server side stripping.
0
 
LVL 4

Author Comment

by:91mustang
ID: 11860920
Could you explain?
0
 
LVL 36

Expert Comment

by:Zyloch
ID: 11862427
ryan, you mean storing the image links inside a database?
0
 
LVL 4

Author Comment

by:91mustang
ID: 11863730
>>Zyloch

Thats what I am doing, but I still have to give the user the link to click on?, What I need is way to hide the password.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 48

Expert Comment

by:hernst42
ID: 11864592
Why should the user download the image via ftp, he could also download it via http:// and your application. Instead of redirecting the user to the ftp://-URL redirect the user to a page which downloads the images. If you have the problem that the picture is shown in the browser you can modify the headers to show a save dialog for that file. e.g:

header("Content-Disposition: attachment; filename=\"$filename\"");
0
 
LVL 4

Author Comment

by:91mustang
ID: 11864597
The files are photshop and illustratot files. Most files are 800mb +. http is not an option. We need ftp for speed.
0
 
LVL 48

Accepted Solution

by:
hernst42 earned 125 total points
ID: 11864714
I just tried it and HTTP was faster than FTP:
A file of 322106KB took via ftp ~ 90 sec, via raw http it took ~ 67 seconds and via http and php it took as long as ftp ~ 90 sec

Both files have been downloaded via Mozilla 1.7 on an Windows-box (server is a linux-server, apache 1.3 for http and pure-ftpd for ftp) with a 100MBit-full switched network

The files was delivered in php:
header("Content-Disposition: attachment; filename=\"$filename\"");
header("Content-Length: " . filesize($filename));
$fp = fopen($filename, 'rb');
fpassthru($fp);
0
 
LVL 4

Author Comment

by:91mustang
ID: 11864739
interesting, I will give it a try at work tommorow, thanks for the info!!
0
 
LVL 3

Expert Comment

by:gnudiff
ID: 11892397
Side note.

In my around 7-8 years experience, HTTP downloads for some reason indeed have always been faster than FTP downloads from the same server, regardless of the server. I would guess that FTP protocol adds some overhead with its usage of 2 connections (control + data ).
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Owl Carousel 6 173
recommended CMS for the website revamp 3 92
Contact Forms for Website 6 78
I starting with php 12 115
Preface In the first article: A Better Website Login System (http://www.experts-exchange.com/A_2902.html) I introduced the EE Collaborative Login System and its intended purpose. In this article I will discuss some of the design consideratio…
I found this questions asking how to do this in many different forums, so I will describe here how to implement a solution using PHP and AJAX. The logical flow for the problem should be: Write an event handler for the first drop down box to get …
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now