Any ready made 'Upload' tools?

M

Mark Hamptons

Hi, I've scoured sites like Bravenet but cannot find what I want, which is a
ready to go tool that will let me place an Upload button on my web site.
When clicked this will give the visitor a Browse window to select a file
from their HD and upload it to my FTP site. Obviously the visitor will not
see my FTP password or have access to it.

Can anyone recommend a free service that provides a tool like this I can
just 'drop' into my site?

Thanks.
 
I

Ivo

Hi, I've scoured sites like Bravenet but cannot find what I want, which is a
ready to go tool that will let me place an Upload button on my web site.
When clicked this will give the visitor a Browse window to select a file
from their HD and upload it to my FTP site. Obviously the visitor will not
see my FTP password or have access to it.

Can anyone recommend a free service that provides a tool like this I can
just 'drop' into my site?

<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">
<input type="file" name="uploadme">
<input type="submit">
</form>

Five lines, and the only bit you need to change is "somescript" which should
point to the script that receives the form. What this script should look
like is a question for an asp of php newsgroup, or whatever serverside
language is available to you.
HTH
Ivo
 
L

Leif K-Brooks

L

Leif K-Brooks

Ivo said:
<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">
<input type="file" name="uploadme">
<input type="submit">
</form>

What's with the hidden MAX_FILE_SIZE field? If your script is supposed
to check the file size to make sure it's under that, you need to rethink
your security: anyone who knows what they're doing can easily change
that. Your script needs to have the maximum file size hard-coded.
 
A

Alan J. Flavell

"Mark Hamptons" asked on an inappropriate group:
[...]

and "Mark Hamptons" delivered the inevitable punishment:
<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">

You really haven't grasped the concept of web security, have you?

The HTML part is trivial. The significant part is the server-side
processing. Perl users have it made with CGI.pm (as long as they RTFM
about max size, and follow the instructions). So I'd say asking this
question on the HTML group(s) is a big mistake. Read the web security
FAQ ( http://www.w3.org/Security/Faq/www-security-faq.html , of
course) and take appropriate measures.
 
I

Ivo

What's with the hidden MAX_FILE_SIZE field? If your script is supposed
to check the file size to make sure it's under that, you need to rethink
your security: anyone who knows what they're doing can easily change
that. Your script needs to have the maximum file size hard-coded.

<quote cite="http://www.php.net/manual/en/features.file-upload.php">

The MAX_FILE_SIZE hidden field (measured in bytes) must precede the file
input field, and its value is the maximum filesize accepted. (...) The
MAX_FILE_SIZE is advisory to the browser, although PHP also checks it.
Changing this on the browser size is quite easy, so you can never rely on
files with a greater size being blocked by this feature. The PHP-settings
for maximum-size, however, cannot be fooled. You should add the
MAX_FILE_SIZE form variable anyway as it saves users the trouble of waiting
for a big file being transferred only to find that it was too big and the
transfer actually failed.

</quote>

:-]
 
I

Ivo

You really haven't grasped the concept of web security, have you?

I refer to my second post in this thread. In my concept security is handled
on the server. But have you grasped the concept of user-friendliness?
Cheers,
Ivo
 
J

Jeff Thies

PW said:
Do yourself a favour, look up "aspUpload" by Persits software. Its cheap,
and works.
Or use any other environment than ASP.

ASP is the only environment where saving files isn't built in. MS fixed
that in ASP.net.

Perl and PHP have always had that as part of the core function. Perhaps
the core function of ASP is to spend money?

Jeff
 
S

SpaceGirl

Jeff said:
Or use any other environment than ASP.

ASP is the only environment where saving files isn't built in. MS fixed
that in ASP.net.

Perl and PHP have always had that as part of the core function. Perhaps
the core function of ASP is to spend money?

Jeff

We use this... excellant little tool.


--


x theSpaceGirl (miranda)

# lead designer @ http://www.dhnewmedia.com #
# remove NO SPAM to email, or use form on website #
 
M

Mark Hamptons

Thanks for this and for all the other replies, however these aren't much
good to me. As explained, I need to upload to an FTP site.

I don't have a server, I just have an HTML editor (FrontPage 2003) and
standard web hosting by my ISP (blueyonder).

What I want is a simple tool on my site that will let users place files in
my FTP whilst masking my password. Anyone?

Thanks.

Mark

http://www.hotscripts.com/PHP/Scripts_and_Programs/File_Manipulation/Upload_Systems/index.html
 
J

Jeff Thies

Mark said:
Thanks for this and for all the other replies, however these aren't much
good to me. As explained, I need to upload to an FTP site.

I don't have a server, I just have an HTML editor (FrontPage 2003) and
standard web hosting by my ISP (blueyonder).

What I want is a simple tool on my site that will let users place files in
my FTP whilst masking my password. Anyone?

Can't be done client side (think about it), which is what you've limited
yourself to. You'll need to change webhost and then you'll have options.

Jeff
 
T

Toby Inkster

Mark said:
What I want is a simple tool on my site that will let users place files in
my FTP whilst masking my password. Anyone?

You *might* be able to find the source code Java applet that can FTP files
and then hard code your login details into it.
 
L

Leif K-Brooks

Toby said:
You *might* be able to find the source code Java applet that can FTP files
and then hard code your login details into it.

And then someone will use a Java decompiler on it.
 
M

Mark Hamptons

As an alternative, are there any services you guys know of that will provide
storage space free of charge (advertising based is fine) and allow anyone to
upload to it via a hyperlink I can put on my site -- kind of like an FTP
with no password?

Thanks for all your help so far :)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,904
Latest member
HealthyVisionsCBDPrice

Latest Threads

Top