Jump to content

Remote File Handling !

d.shankar

By d.shankar
in PHP Coding Help

 Share

Recommended Posts

d.shankar Regular Member

d.shankar

Posted
Posted

Hi all.

 

I need to append some content to a remote file in a webserver from my server.

eg: the remote file www.remotesite.com/file.txt has to ba appended with some text from my server www.myserver.com

 

Known & Available Possibility

1)ftp to remote site and retrieve the file.txt

2)copy the content of remote file to a local temp text file.

3)make the changes and upload it back via ftp

 

The above procedure is time consuming , is there any other fastest procedure ?

 

 

Link to comment
Share on other sites
chronister Regular Member

chronister

Posted
Posted

To the best of my knowledge, if we are talking about 2 separate physical/virtual server machines, then no there is no way as that would be a HUGE security risk.

 

If the 2 sites live on the same physical server, then it would probably be possible. I understand the need for this as I too have needed to do it, but it sounds a bit shady... the whole "without knowing the ftp credentials" part. In the wrong hands this kind of thing could be very bad.

 

I mean, think about it. Would you want someone to be able to write to files on your server by using curl or some other method and not need the FTP credentials? I know I wouldn't.

 

Nate

Link to comment
Share on other sites
d.shankar Regular Member

d.shankar

Posted
  • Author
Posted

I understand the situation but the client will refuse to give their ftp username and password instead they will rather let us to write to a single file.

 

Let us take it this way.Can this be done ?

 

better to ask them to give write permission on the single file so that the file can be accessed by their i and my server ip alone ?

 

Is this possible ?

Link to comment
Share on other sites
chronister Regular Member

chronister

Posted
Posted

I may be wrong, but I don't think their permission matters at all. I think it is more of a server security issue here.

 

You should look into fopen, curl and the like. I believe your server config determines whether or not you can use fopen and related functions across URLS.

 

You may suggest to them that they create a new dir that you have ftp access to and limit the access to that dir when they create a new ftp username and pass. That way there is no issue with you fooling with their existing files and you still have ftp access to the file you need.

 

Thats the best i can come up with. Do a search on google for php write to remote server. You may find a couple things there.

 

Nate

 

Link to comment
Share on other sites
chronister Regular Member

chronister

Posted
Posted

You would have full access to that particular directory only. You could create files there, but only in that directory. The rest of the server would be un-touchable by you. Hell, they could even create this directory below the web root.. meaning if they place public web files in /www/public_html, they could create a directory at /www or even at root that would allow you to do what you need to in that dir, but you would not even be able to run the file on the web server.

 

For instance, if they gave you a directory that was accessible by their URL, then you could say create a script that deletes the entire /www/public_html directory by running it as a web page. But if it was below web root, then you could not run the file.

 

If they won't go for that, then I guess you will have to tell them that if they want you to complete the work they hired you for, then they have to give access.

 

You could create a php script to accept POST data and write that to the file. That is the only other way I can think of right now.

 

Seems silly to me that if they hired you to do a particular job, that they should give some kind of access to allow you to complete the job.

 

Thats all I got.

 

Merry Christmas.

 

Nate

Link to comment
Share on other sites
d.shankar Regular Member

d.shankar

Posted
  • Author
Posted

Merry Christmas Buddy !!!!!!

 

 

You could create a php script to accept POST data and write that to the file. That is the only other way I can think of right now.

 

I am curious to know more about this. You mean cURL or something.

Like to know about this. What about access restrictions ?

 

 

Yes bloodymind. They can add my server ip in htaccess and thats what i was planning to do.

But main thing is that. I should not be able to delete their files, since i need to access only a txt file or something in the root where the main .htaccess resides, they should give me access to modify,delete,upload,download the .txt file alone.

 

Can this be done ?

 

 

Link to comment
Share on other sites
corbin Regular Member

corbin

Posted
Posted

A short example script:

 

This would go on the remote server, pretend it's called replace.php:

 

$username = "corbin";
$password = "hello";
if(isset($_POST['username']) && isset($_POST['pasword']) && $_POST['username'] == $username && $_POST['password'] == $password) {
    if(isset($_POST['action']) && $_POST['action'] == 'write') {
        if(isset($_POST['content'])) {
            $f = fopen('file.txt', 'w');
            if($f) {
                if(fwrite($f, $_POST['content'])) {
                    echo '1'; //I figure just echo 1 for success or something.
                }
            }
        }
    }
    else {
        //assume the action == get
        readfile('file.txt');
        exit;
    }
}

 

 

This would be the remote file:

 

<?php
$username = "corbin";
$password = "hello"
$file_content = file_get_contents('file.txt');
$errno = $errstr = null;
$f = fsockopen("someplace.com", 80, $errno, $errstr, 2);
if($f) {
    if(fwrite("POST /path/to/replace.php HTTP/1.1\r\nHost: someplace.com\r\rConnection: close\r\n\r\n" . urlencode($file_content) . "\r\n")) {
        while(!feof($f)) {
            if(fgets($f) == '1') {
                echo 'Success!';
            }
        }
    }
}
else {
    echo 'Could not connect socket.';
}

 

 

 

You could even change it to have an append mode and so on.

 

 

FTP would definitely be an option too though.  The FTP user would need file permissions only on the file that you would modify.  Going over the FTP protocol instead of the HTTP probably wouldn't be much more effort or slower.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.