Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4996
  • Last Modified:

Indy Trivial FTP Client/Server Example

I'm looking for an example on how to use the Indy Trivial FTP client and server components to upload and download a file.

Get and Put with the client seems clear enough, but I'm unsure how to handle the requests in te server.

Thanks in advance,

D2.
0
wavget
Asked:
wavget
  • 2
  • 2
1 Solution
 
BdLmCommented:
did you check the samples from the indy homepage ?
0
 
wavgetAuthor Commented:
First of all, Delphi comes with an example of both a TrivialFtp Server and Client, I just didn't think to look there at first :)

I downloaded the demo from indyproject.org but I am unable to find a TrivialFtp example in it.

My biggest question is how do I handle OnRead and OnWrite in the server.
0
 
NickRyanCommented:
Here's a short sample of how you could handle the file read process. The file write process is pretty similar except that you may want to put in more checks in the case of overwriting files.

This short example assumes that you're only accepting filenames, not filepaths in the TFTP server - if you want to accept file paths as well then you need to process the directory separators and ensure that it's not possible for a user to reference files outside of where you want them to. ie, strip out any "..\" items in the path.

You can use the IP address of the client as a form of access control if you need or want to restrict access to certain IP addresses or address ranges.


procedure TForm1.IdTrivialFTPServer1ReadFile( Sender:TObject;
  var FileName:String; const PeerInfo:TPeerInfo;
  var GrantAccess:Boolean; var AStream:TStream;
  var FreeStreamOnComplete:Boolean );
var
  EffectiveFileName:string;
const
  SERVER_ROOT = 'C:\TFTP\';
begin

  {First, check IP address of client, if this is what you need to do}
  // PeerInfo.PeerIP is the IP address of the client
  // if not PeerInfo.PeerIP = AllowedIPAddress then begin
  //   GrantAccess := False;
  //   Exit;
  // end; {if}

  {Process filename - in this case we assume that we are dealing with just a filename with no dir part}
  EffectiveFileName := SERVER_ROOT + ExtractFileName(FileName);
  GrantAccess := FileExists(EffectiveFileName);
  if not GrantAccess then begin
    {File doesn't exist, so obviously can't allow access}
    False;
    Exit;
  end; {if}

  {Setup file access}
  try
    {Open a file stream referencing the file}
    AStream := TFileStream.Create( EffectiveFileName, fmOpenRead or fmShareDenyWrite );
    {Allow the server FTP component to destroy the stream when the transfer process finishes}
    FreeStreamOnComplete := True;
  except
    {Handle failure to open file stream here - ie, file locked}
    GrantAccess := False;
  end; {try}

end;
0
 
NickRyanCommented:
Oops - please excuse the extra "False;" line in just after the FileExists check... it's just a typo.
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now