PHP的FTP学习(四) - PHP Web开发技术文档 - 安全技术

By Vikram Vaswani
Melonfire
November 07, 2000
以下是代码列表：
--------------------------------------------------------------------------------

<html>
<head>
<basefont face=arial>
</head>

<body>

<table border=0 align=center>
<form action="actions.php" method=post>
<input type=hidden name=action value=CWD>
<tr>
<td>
Server
</td>
<td>
<input type=text name=server>
</td>
</tr>

<tr>
<td>
User
</td>
<td>
<input type=text name=username>
</td>
</tr>

<tr>
<td>
Password
</td>
<td>
<input type=password name=password>
</td>
</tr>

<tr>
<td colspan=2 align=center>
<input type="submit" value="Beam Me Up, Scotty!">
</td>
</tr>

</form>
</table>

</body>
</html>


--------------------------------------------------------------------------------
--------------------------------------------------------------------------------


<html>
<head>
<basefont face=Arial>
</head>
<body>

<?
/*
--------------------------------------------------------------------------------
DISCLAIMER:

This is use-at-your-own-risk code.

It is meant only for illustrative purposes and is not meant for production environments. No warranties of any kind are provided to the user.

You have been warned!

All code copyright Melonfire, 2000. Visit us at http://www.melonfire.com
--------------------------------------------------------------------------------
*/

// function to connect to FTP server
function connect()
{
global $server, $username, $password;
$conn = ftp_connect($server);
ftp_login($conn, $username, $password);
return $conn;
}

// main program begins

// check for valid form entries else print error
if (!$server || !$username || !$password)
{
echo "Form data incomplete!";
}
else
{

// connect
$result = connect();

// action: change directory
if ($action == "CWD")
{

// at initial stage $rdir does not exist
// so assume default directory
if (!$rdir)
{
$path = ".";
}
// get current location $cdir and add it to requested directory $rdir
else
{
$path = $cdir . "/" . $rdir;
}

// change to requested directory
ftp_chdir($result, $path);

}

// action: delete file(s)
else if ($action == "Delete")
{

ftp_chdir($result, $cdir);

// loop through selected files and delete
for ($x=0; $x<sizeof($dfile); $x++)
{
ftp_delete($result, $cdir . "/" . $dfile[$x]);
}

}
// action: download files
else if ($action == "Download")
{

ftp_chdir($result, $cdir);

// download selected files
// IMPORTANT: you should specify a different download location here!!
for ($x=0; $x<sizeof($dfile); $x++)
{
ftp_get($result, $dfile[$x], $dfile[$x], FTP_BINARY);
}

}
// action: upload file
else if ($action == "Upload")
{

ftp_chdir($result, $cdir);

// put file

/*
a better idea would be to use
$res_code = ftp_put($result, $HTTP_POST_FILES["upfile"]["name"],
$HTTP_POST_FILES["upfile"]["tmp_name"], FTP_BINARY);
as it offers greater security
*/
$res_code = ftp_put($result, $upfile_name, $upfile, FTP_BINARY);

// check status and display
if ($res_code == 1)
{
$status = "Upload successful!";
}
else
{
$status = "Upload error!";
}

}

// create file list
$filelist = ftp_nlist($result, ".");

// and display interface
include("include.php");

// close connection
ftp_quit($result);

}
?>

</body>
</html>


--------------------------------------------------------------------------------
--------------------------------------------------------------------------------


<?

// get current location
$here = ftp_pwd($result);

/*
since ftp_size() is quite slow, especially when working
on an array containing all the files in a directory,
this section performs an ftp_size() on all the files in the current
directory and creates three arrays.
*/

// array for files
$files = Array();

// array for directories
$dirs = Array();

// array for file sizes
$file_sizes = Array();

// counters
$file_list_counter = 0;
$dir_list_counter = 0;

// check each element of $filelist
for ($x=0; $x<sizeof($filelist); $x++)
{
if (ftp_size($result, $filelist[$x]) != -1)
{
// create arrays
$files[$file_list_counter] = $filelist[$x];
$file_sizes[$file_list_counter] = ftp_size($result, $filelist[$x]);
$file_list_counter++;
}
else
{
$dir_list[$dir_list_counter] = $filelist[$x];
$dir_list_counter++;
}
}

?>


<center>
You are currently working in <b><? echo $here; ?></b>
<br>

<? echo $status; ?>
</center>
<hr>
<p>

Available directories:
<form action=actions.php method=post>



<input type=hidden name=username value=<? echo $username; ?>>
<input type=hidden name=password value=<? echo $password; ?>>
<input type=hidden name=server value=<? echo $server; ?>>
<input type=hidden name=cdir value=<? echo $here; ?>>


<input type=hidden name=action value=CWD>


<select name=rdir>
<option value=".."><parent directory></option>

<?

for ($x=0; $x<sizeof($dir_list); $x++)
{
echo "<option value=" . $dir_list[$x] . ">" . $dir_list[$x] . "</option>";

}
?>

</select>
<input type=submit value=Go>
</form>

<hr>



Available files:
<form action=actions.php method=post>


<input type=hidden name=server value=<? echo $server; ?>>
<input type=hidden name=username value=<? echo $username; ?>>
<input type=hidden name=password value=<? echo $password; ?>>
<input type=hidden name=cdir value=<? echo $here; ?>>

<table border=0 width=100%>

<?

// display file listing with checkboxes and sizes
for ($y=0; $y<sizeof($files); $y++)
{
echo "<tr><td><input type=checkbox name=dfile[] value=" . $files[$y] .
">". $files[$y] . " <i>(" . $file_sizes[$y] . " bytes)</i><td>";
}

?>
</table>


<center>
<input type=submit name=action value=Delete>
<input type=submit name=action value=Download>
</center>
</form>
<p>

<hr>


File upload:
<form enctype="multipart/form-data" action=actions.php method=post>


<input type=hidden name=username value=<? echo $username; ?>>
<input type=hidden name=password value=<? echo $password; ?>>
<input type=hidden name=server value=<? echo $server; ?>>
<input type=hidden name=cdir value=<? echo $here; ?>>

<table>
<tr>
<td>

<input type=file name=upfile>
</td>
</tr>
<tr>
<td>

<input type=submit name=action value=Upload>
</td>
</tr>
</table>
</form>

【返回顶部】【打印本页】【关闭窗口】