On 3/22/07, PHP Fusebox <salientdigital@xxxxxxxxx> wrote:
I built a CMS that lets a super user create and manage basic users (among lots of other things). I want basic users to get an FTP account that is automatically associated with their website user account, and managed from my add/edit user form. For example if I create a user named fred032@xxxxxxxxxxxx for him to login to my web app, I want my users to be able to use their same login name and password to access their web folder via FTP. I am running on LAMP on a CPanel server with ProFTP as the FTP server software, but I have no clue how to get PHP to be able to create, edit, or delete an FTP account. Can someone point me in the right direction? I can see the Form field names and URLs in the CPanel forms where this is set up, but is it safe to CURL these same URLs from my app? That seems like a big security risk. Thanks, Geoff
Let's start with the end, it is a big security hole, as you would need to enter your reseller account info in the curl options. Which might be traced somewhere. I'm not sure how ProFTP is set up, but might it be that it is working for every local user? So that if you create a new user on your system, that it can also login through FTP. That's quite common for such things as CPanel. I never used CPanel or such on my own development server so i don't know, but i think it works like above, and you should just create a new user with useradd from within PHP with the exec function. Tijnema
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
