Solved

Secure FTP connection, All browsers!!!

Posted on 2004-08-20
9
169 Views
Last Modified: 2010-04-06
Hello,

I need some advice.
I am building a web application in php.I work for a graphic design company. This application is a front end for a Image library. All the image files will be stored on a ftp server. I need a way to link to the files but not display ftp user/pass. What i am doing now is creating a pop-up which loads a php page which redirects to the ftp file (ftp://user:pass@ftp.domain.com:21/test.doc). This only works in some browsers:

IE- opens pop-up and save as dialog at same time, does not allow focus of pop-up until save as is clicked, and then pop-up close's (impossible to view source and see address)

netscape- opens pop-up and save as dialog, but displays link in netscape download manager.

Does anyone know of a way I can stop users from seeing the ftp user/pass?

If you need clarification on anything please ask
0
Comment
Question by:91mustang
9 Comments
 
LVL 2

Expert Comment

by:ryangclear
ID: 11860727
Wouldn't it be easier to do this with SQL queries and more secure? Server side stripping.
0
 
LVL 4

Author Comment

by:91mustang
ID: 11860920
Could you explain?
0
 
LVL 36

Expert Comment

by:Zyloch
ID: 11862427
ryan, you mean storing the image links inside a database?
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 4

Author Comment

by:91mustang
ID: 11863730
>>Zyloch

Thats what I am doing, but I still have to give the user the link to click on?, What I need is way to hide the password.
0
 
LVL 48

Expert Comment

by:hernst42
ID: 11864592
Why should the user download the image via ftp, he could also download it via http:// and your application. Instead of redirecting the user to the ftp://-URL redirect the user to a page which downloads the images. If you have the problem that the picture is shown in the browser you can modify the headers to show a save dialog for that file. e.g:

header("Content-Disposition: attachment; filename=\"$filename\"");
0
 
LVL 4

Author Comment

by:91mustang
ID: 11864597
The files are photshop and illustratot files. Most files are 800mb +. http is not an option. We need ftp for speed.
0
 
LVL 48

Accepted Solution

by:
hernst42 earned 125 total points
ID: 11864714
I just tried it and HTTP was faster than FTP:
A file of 322106KB took via ftp ~ 90 sec, via raw http it took ~ 67 seconds and via http and php it took as long as ftp ~ 90 sec

Both files have been downloaded via Mozilla 1.7 on an Windows-box (server is a linux-server, apache 1.3 for http and pure-ftpd for ftp) with a 100MBit-full switched network

The files was delivered in php:
header("Content-Disposition: attachment; filename=\"$filename\"");
header("Content-Length: " . filesize($filename));
$fp = fopen($filename, 'rb');
fpassthru($fp);
0
 
LVL 4

Author Comment

by:91mustang
ID: 11864739
interesting, I will give it a try at work tommorow, thanks for the info!!
0
 
LVL 3

Expert Comment

by:gnudiff
ID: 11892397
Side note.

In my around 7-8 years experience, HTTP downloads for some reason indeed have always been faster than FTP downloads from the same server, regardless of the server. I would guess that FTP protocol adds some overhead with its usage of 2 connections (control + data ).
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two main kinds of selectors in CSS: One is base selector like h1, h2, body, table or any existing HTML tags.  For instance, the following rule sets all paragraphs (<p> elements) to red: (CODE) CSS also allows us to define our own custom …
It's sometimes a bit tricky to use date functions in Oracle BPEL. I'll explain quickly how you can add N days to the current date. In a BPEL process this can be useful, and you can adapt it to fit your needs. First of all, let's see how to add 1 …
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

823 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question