Any ready made 'Upload' tools?

Mark Hamptons wrote:

Hi, I've scoured sites like Bravenet but cannot find what I want, which is a
ready to go tool that will let me place an Upload button on my web site.
When clicked this will give the visitor a Browse window to select a file
from their HD and upload it to my FTP site. Obviously the visitor will not
see my FTP password or have access to it.

http://www.hotscripts.com/PHP/Script...ems/index.html

"Mark Hamptons" wrote

Hi, I've scoured sites like Bravenet but cannot find what I want, which is a ready to go tool that will let me place an Upload button on my web site.
When clicked this will give the visitor a Browse window to select a file
from their HD and upload it to my FTP site. Obviously the visitor will not see my FTP password or have access to it.

Can anyone recommend a free service that provides a tool like this I can
just 'drop' into my site?

<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">
<input type="file" name="uploadme">
<input type="submit">
</form>

Five lines, and the only bit you need to change is "somescript" which should
point to the script that receives the form. What this script should look
like is a question for an asp of php newsgroup, or whatever serverside
language is available to you.
HTH
Ivo

Ivo wrote:

<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">
<input type="file" name="uploadme">
<input type="submit">
</form>

What's with the hidden MAX_FILE_SIZE field? If your script is supposed
to check the file size to make sure it's under that, you need to rethink
your security: anyone who knows what they're doing can easily change
that. Your script needs to have the maximum file size hard-coded.

"Mark Hamptons" asked on an inappropriate group:

Hi, I've scoured sites like Bravenet but cannot find what I want,
which is a ready to go tool that will let me place an Upload
button on my web site.

[...]

and "Mark Hamptons" delivered the inevitable punishment:
<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">

You really haven't grasped the concept of web security, have you?

The HTML part is trivial. The significant part is the server-side
processing. Perl users have it made with CGI.pm (as long as they RTFM
about max size, and follow the instructions). So I'd say asking this
question on the HTML group(s) is a big mistake. Read the web security
FAQ ( http://www.w3.org/Security/Faq/www-security-faq.html , of
course) and take appropriate measures.

"Leif K-Brooks" wrote

Ivo wrote:

<form method="post" action="somescript" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="7340032">
<input type="file" name="uploadme">
<input type="submit">
</form>

What's with the hidden MAX_FILE_SIZE field? If your script is supposed
to check the file size to make sure it's under that, you need to rethink
your security: anyone who knows what they're doing can easily change
that. Your script needs to have the maximum file size hard-coded.

<quote cite="http://www.php.net/manual/en/features.file-upload.php">

The MAX_FILE_SIZE hidden field (measured in bytes) must precede the file
input field, and its value is the maximum filesize accepted. (...) The
MAX_FILE_SIZE is advisory to the browser, although PHP also checks it.
Changing this on the browser size is quite easy, so you can never rely on
files with a greater size being blocked by this feature. The PHP-settings
for maximum-size, however, cannot be fooled. You should add the
MAX_FILE_SIZE form variable anyway as it saves users the trouble of waiting
for a big file being transferred only to find that it was too big and the
transfer actually failed.

</quote>

:-]

"Alan J. Flavell" wrote

Ivo wrote

<input type="hidden" name="MAX_FILE_SIZE" value="7340032">

You really haven't grasped the concept of web security, have you?

I refer to my second post in this thread. In my concept security is handled
on the server. But have you grasped the concept of user-friendliness?
Cheers,
Ivo

Do yourself a favour, look up "aspUpload" by Persits software. Its cheap,
and works.

PW wrote:

Do yourself a favour, look up "aspUpload" by Persits software. Its cheap,
and works.

Or use any other environment than ASP.

ASP is the only environment where saving files isn't built in. MS fixed
that in ASP.net.

Perl and PHP have always had that as part of the core function. Perhaps
the core function of ASP is to spend money?

Jeff

In article <Tx*****************@newsread3.news.atl.earthlink. net>,
je**@spamalanadingong.com says...

Do yourself a favour, look up "aspUpload" by Persits software. Its cheap,
and works.

Or use any other environment than ASP.

Which is a good idea, but quite possibly not an option.
--
WebcastMaker
The easiest and most affordable way to create
Web casts, or put presentations on the Web.
www.webentations.com

Jeff Thies wrote:

PW wrote:

Do yourself a favour, look up "aspUpload" by Persits software. Its
cheap,
and works.

Or use any other environment than ASP.

ASP is the only environment where saving files isn't built in. MS fixed
that in ASP.net.

Perl and PHP have always had that as part of the core function. Perhaps
the core function of ASP is to spend money?

Jeff

We use this... excellant little tool.
--
x theSpaceGirl (miranda)

# lead designer @ http://www.dhnewmedia.com #
# remove NO SPAM to email, or use form on website #

Thanks for this and for all the other replies, however these aren't much
good to me. As explained, I need to upload to an FTP site.

I don't have a server, I just have an HTML editor (FrontPage 2003) and
standard web hosting by my ISP (blueyonder).

What I want is a simple tool on my site that will let users place files in
my FTP whilst masking my password. Anyone?

Thanks.

Mark

"Leif K-Brooks" <eu*****@ecritters.biz> wrote in message
news:2m************@uni-berlin.de...

Mark Hamptons wrote:

Hi, I've scoured sites like Bravenet but cannot find what I want, which is a ready to go tool that will let me place an Upload button on my web site.
When clicked this will give the visitor a Browse window to select a file
from their HD and upload it to my FTP site. Obviously the visitor will not see my FTP password or have access to it.

http://www.hotscripts.com/PHP/Script...ems/index.html

Mark Hamptons wrote:

Thanks for this and for all the other replies, however these aren't much
good to me. As explained, I need to upload to an FTP site.

I don't have a server, I just have an HTML editor (FrontPage 2003) and
standard web hosting by my ISP (blueyonder).

What I want is a simple tool on my site that will let users place files in
my FTP whilst masking my password. Anyone?
Can't be done client side (think about it), which is what you've limited
yourself to. You'll need to change webhost and then you'll have options.

Jeff
Thanks.

Mark

"Leif K-Brooks" <eu*****@ecritters.biz> wrote in message
news:2m************@uni-berlin.de...

Mark Hamptons wrote:

Hi, I've scoured sites like Bravenet but cannot find what I want, which
is a
ready to go tool that will let me place an Upload button on my web site.
When clicked this will give the visitor a Browse window to select a file
from their HD and upload it to my FTP site. Obviously the visitor will
not
see my FTP password or have access to it.

http://www.hotscripts.com/PHP/Script...ems/index.html

Mark Hamptons wrote:

What I want is a simple tool on my site that will let users place files in
my FTP whilst masking my password. Anyone?

You *might* be able to find the source code Java applet that can FTP files
and then hard code your login details into it.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Now Playing ~ ./weezer_-_island_in_the_sun_.ogg

Toby Inkster wrote:

You *might* be able to find the source code Java applet that can FTP files
and then hard code your login details into it.

And then someone will use a Java decompiler on it.

Leif K-Brooks wrote:

Toby Inkster wrote:

You *might* be able to find the source code Java applet that can FTP files
and then hard code your login details into it.

And then someone will use a Java decompiler on it.

True, though it's the best I could come up with at short notice.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Now Playing ~ ./dubstar/not_so_manic_now.ogg

As an alternative, are there any services you guys know of that will provide
storage space free of charge (advertising based is fine) and allow anyone to
upload to it via a hyperlink I can put on my site -- kind of like an FTP
with no password?

Thanks for all your help so far :)

"Toby Inkster" <us**********@tobyinkster.co.uk> wrote in message
news:pa****************************@tobyinkster.co .uk...

Leif K-Brooks wrote:

Toby Inkster wrote:

You *might* be able to find the source code Java applet that can FTP files and then hard code your login details into it.

And then someone will use a Java decompiler on it.

True, though it's the best I could come up with at short notice.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Now Playing ~ ./dubstar/not_so_manic_now.ogg