Upload via FTP or PHP

software development

#1

I need a bunch of clients to be able to upload some PDF or DOC files. I was thinking of a PHP script to upload files but I heard there was a limitation of size. Some of the files being uploaded are near 10 MB large. If PHP wont work, do you guys know of a way to create individual ftp accounts and 1 account to manage all of them.


#2

This question comes up continually, and while there are a lot of ways to approach the issue, I think the best approach is to use a script to facilitate the uploads (I know, I sound like a broken record with what follows :wink: ).

To me this is preferable to kludging together an FTP based arrangement because it is more secure and much more easily managed.

If the use of FTP (or, preferably SFTP for security reasons) is not an absolute requirement, you might consider an alternative approach. By providing a script-based uploading tool (or even a “filemanager” type application) accessible by users via a browser. You can eliminate the multiple users management issues and retain a single user (yourself, or the “master” user) as “owner” of all the files.

This “plays well with others” in that there are no suEXEC permissions issues, and you can manage all the files conveniently from your own user’s account without having to jump through hoops.

There are many such programs readily and “freely” available that can provide this function (with varying degrees of quality, flexibility, and security) but you have to watch out for the PHP based scripts if you have files larger than 7MB because of the DreamHost default PHP max_upload_filesize setting.

One script that I use, and recommend, is uber-uploader. This is particularly nice in that it is focused on the single function of facilitating uploads, and because of the way in which it uses both PHP and perl, it is not constrained by a given PHP environment’s max_upload_filesize settings.

By installing a copy of this (protected by .htaccess based apache authentication), and having the users place all files only in the designated sub-dir, you can allow convenient uploading to the appropriate directories while preventing “up-tree” exploring.

This is the method I use in similar situations, and I have found it to work very well - most users needing to upload find the web-based upload interface to be easier to use than FTP, and they are far less likely, in my experience, to “bork” stuff up that way than they are using FTP. I also think it’s more secure.

The big added advantage is that at the end of the day your user owns all the files, and that saves a lot of management hassles.

–rlparker
–DreamHost Tech Support


#3

That is exactly the type of solution I’m looking for. I’ve been playing with different scripts all to various degrees of success. The flash ones have not been behaving well with my htaccess files (im assuming) and the PHP will definately have the limits. Since I’m comfortable with PERL your script may be the answer. Thanks!