On Tue, 2009-03-03 at 02:20 -0800, mike wrote: > On Tue, Mar 3, 2009 at 12:02 AM, Ashley Sheridan > <ash@xxxxxxxxxxxxxxxxxxxx> wrote: > > > Whoever said anything about open FTP? > > how else do you do it? > > either it's open/anonymous, or some hardcoded account info. either > way, not very secure, and due to the nature of it, kinda requires the > user to have enough privileges to upload N files of X bytes (you could > put quotas on it, chroot it, blahblah... but still) > The way I've done it for a system at work (it is for staff and clients only, so I guess that offers some protection) is to use scripts in conjunction with vsftp. Accounts are managed through an admin web interface, and each user has their own login credentials. Admittedly, the username and password are passed as plain text for it to auto log-in, but afaik, that happens with standard FTP anyway (unencrypted connections). This is more than likely overkill for this situation, but I had to resort to it as the system has to handle files over 2GB, and file upload forms are just not meant to handle that kind of load in the upstream! Ash www.ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
