LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
Search this Thread
Old 03-14-2010, 02:04 PM   #1
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Rep: Reputation: 33
[PHP] connection to remote server to edit file


I hope this is the correct subforum for my question. I'll give it a try.

I have a webGUI in php where users can make certain settings.
How can I edit a file on a remote server from my php webserver ?

Currently I use my FTP client, vsFTPd and a chrooted user in a specific directory where the file resides.

I think this is pretty save as long a nobody else uses my FTPclient.

How can I make changes to this file on the remote server from within my php-code on my webserver ?? (so that not I need to make the changes but my users can do it from a html-form)

I found this but the credentials for the FTP-connection are plain :

<?php
$file = fopen ("ftp://loginasswd@server", "w");
if (!$file) {
echo "<p>Unable to open remote file for writing.\n";
exit;
}
/* Write the data here. */
fwrite ($file, "blablabla");
fclose ($file);
?>

I use https for the webGUI, but I guess this does not mean the connection to the remote server will be encrypted also ?!

Has anyone a safe solution, some documentation on a certain technique that I can use ??

Can I use my FTP-user (has no shell) from within php to edit the file ?
 
Old 03-15-2010, 07:35 AM   #2
scheidel21
Senior Member
 
Registered: Feb 2003
Location: CT
Distribution: Debian PPC/i386/AMD64 6/7, Vista, XP , WIN7, Server 03/08
Posts: 1,287

Rep: Reputation: 97
I don't know a whole lot about PHP programming but if you want a secure connection to your server use a chrooted user and also use secure ftp or scp (SSH file copy) to do what you want.
 
Old 03-15-2010, 08:21 AM   #3
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by scheidel21 View Post
I don't know a whole lot about PHP programming but if you want a secure connection to your server use a chrooted user and also use secure ftp or scp (SSH file copy) to do what you want.
That is what I use now, but how to implement such secure connection inside php ??
 
Old 03-15-2010, 09:05 AM   #4
Guttorm
Senior Member
 
Registered: Dec 2003
Location: Trondheim, Norway
Distribution: Debian and Ubuntu
Posts: 1,135

Rep: Reputation: 230Reputation: 230Reputation: 230
Hi

If your FTP server supports SSL, you can try to change ftp:// to ftps://. But it will fall back to regular ftp if the server does not support SSL.

http://www.php.net/manual/en/wrappers.ftp.php

You can also use ssh but you then will have to add an ssh extension with pecl.

http://www.php.net/manual/en/wrappers.ssh2.php

Another option is to do the "editing" locally, and use the system command or similar to execute ssh commands to do the transfer.
 
Old 03-15-2010, 10:04 AM   #5
Xyro
LQ Newbie
 
Registered: Aug 2009
Location: Canada
Distribution: Ubuntu 9.04
Posts: 22

Rep: Reputation: 19
Quote:
Originally Posted by jonaskellens View Post
I found this but the credentials for the FTP-connection are plain
Are you just worried about the credentials being plain text? Remember, PHP is server-side, so you need not worry about the content being exposed. If you're super paranoid, place the credentials in a PHP file outside the HTTP directory and include() it from within. Or, if this is not your concern, please disregard.
 
Old 03-15-2010, 11:47 AM   #6
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by Xyro View Post
Are you just worried about the credentials being plain text? Remember, PHP is server-side, so you need not worry about the content being exposed. If you're super paranoid, place the credentials in a PHP file outside the HTTP directory and include() it from within. Or, if this is not your concern, please disregard.
Well, my server is a VoIP-server and I don't want crackers calling hours and hours and my customers getting the bill presented.
So yes I'm pretty paranoid about security.

On the other end I want to give my customers a webGUI to edit their VoIP-settings, but it must be safe at all time !


The following is not working and I'm not getting any error :

<?php

error_reporting(E_ALL);

$file = fopen ("ftp://user1:user1@192.168.1.150/testfile", "w");
if (!$file) {
echo "<p>Unable to open remote file for writing.\n";
echo $file;
} else {
echo "<p>Remote file opened for writing.\n";
}
/* Write the data here. */
fwrite ($file, "blablabla");
fclose ($file);
?>

Output is : Unable to open remote file for writing.

Shouldn't I be getting a reason back from fopen() why it fails ?? (like connection problem or can't find file)

'user1' with passwd 'user1' is chrooted in the directory where the testfile resides.
Logging in works with the built-in Fedora ftp client .

Last edited by jonaskellens; 03-15-2010 at 11:49 AM.
 
Old 03-15-2010, 01:23 PM   #7
Xyro
LQ Newbie
 
Registered: Aug 2009
Location: Canada
Distribution: Ubuntu 9.04
Posts: 22

Rep: Reputation: 19
I suggest checking your local web server logs to see if it shows the error from fopen(). It could be anything from bad path to bad permissions.
 
Old 03-15-2010, 02:10 PM   #8
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Original Poster
Rep: Reputation: 33
Solution is :

// Allows overwriting of existing files on the remote FTP server
$stream_options = array('ftp' => array('overwrite' => true));

// Creates a stream context resource with the defined options
$stream_context = stream_context_create($stream_options);

// Opens the file for writing and truncates it to zero length
$fh = fopen($ftp_path, 'w', 0, $stream_context);
 
Old 03-15-2010, 02:17 PM   #9
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,096

Rep: Reputation: 369Reputation: 369Reputation: 369Reputation: 369
yer prolly looking for something more like this
Code:
function retrieve_file($filename,$remotefilename) {
    $met=fopen($filename,"w"); //local copy
    $retrieve=ftp_connect('ftp_site'); //open ftp connection
    ftp_login($retrieve,'ftp_username','ftp_pw'); //log in to ftp session
    ftp_fget($retrieve,$met,$remotefilename,FTP_ASCII); //retrieve the text FILE and write it to the local file
    fclose($met); //close the local file
    ftp_close($retrieve); //close the ftp session
}
then call it with
Code:
  retrieve_file("local_file","remote_file");
this takes advantage of php's native ftp abilities
then have the script edit the local copy of the file with a 're-sync' button that writes it back to the local copy and then fires a similar function to re-upload via ftp
just a thought

more can be found on php's website Here

Last edited by frieza; 03-15-2010 at 02:22 PM.
 
Old 03-18-2010, 03:59 AM   #10
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Original Poster
Rep: Reputation: 33
It works in my test-environment where I write from my local webserver to my local FTP-server.

But when I throw it in production, the following :
Code:
// The path to the FTP file, including login arguments
$ftp_path = 'ftp://a:a@x.x.x.x/testfile.txt';

// Allows overwriting of existing files on the remote FTP server
$stream_options = array('ftp' => array('overwrite' => true));

// Creates a stream context resource with the defined options
$stream_context = stream_context_create($stream_options);

// Opens the file for writing and truncates it to zero length
$fh = fopen($ftp_path, 'w', 0, $stream_context);
if (!$fh) {
echo "<p>Unable to open remote file for writing.\n";
} else {
echo "<p>Remote file opened for writing.\n";
echo $fh;
}
// Write the data here.
fwrite ($fh, "blablabla");
fclose ($fh);
always returns the following output :
Quote:
Remote file opened for writing. Resource id #2
Even with the credentials : ftp://a:a@x.x.x.x/testfile.txt (just like that)

The logfile of my vsFTPd-server shows no activity. Even when I use the correct FTP-user.
The FTP-user works great from an FTP-client (and then there is activity).

So why does $fh has a resource in stead of "FALSE" ??
 
Old 03-18-2010, 10:57 AM   #11
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Original Poster
Rep: Reputation: 33
Code:
//Openning an ftp connection
$conn = ftp_ssl_connect("x.x.x.x") or die("Could not connect");
ftp_pasv( $conn, true );
ftp_login($conn,"user","passwd"); //log in to ftp session

if( !$conn ){
    echo "FTP server connection error" . "<BR>";
    exit;
}
else{
   echo "Connected to FTP Server" . "<BR>";
}

echo "pwd: ".ftp_pwd($conn);

ftp_close($conn);
Using ftp_ssl_connect() the connection works, however I keep getting the following output in firefox :

Warning: ftp_login() [function.ftp-login]: Please login with USER and PASS. in /var/www/vhosts/xxx/httpdocs/test.php on line 6
Connected to FTP Server

Warning: ftp_pwd() [function.ftp-pwd]: Please login with USER and PASS. in /var/www/vhosts/xxx/httpdocs/test.php on line 16
pwd:
 
Old 03-19-2010, 08:31 AM   #12
Guttorm
Senior Member
 
Registered: Dec 2003
Location: Trondheim, Norway
Distribution: Debian and Ubuntu
Posts: 1,135

Rep: Reputation: 230Reputation: 230Reputation: 230
Hi

Your script connects, does a login, and then checks if it connected ok. It never checks if the login is ok, and according to the warnings, it looks like it fails.

Try this instead:

PHP Code:
$conn ftp_ssl_connect("x.x.x.x") or die("Could not connect");
ftp_pasv$conntrue );
echo 
"Connected to FTP Server" "<BR>";
if ( !
ftp_login($conn,"user","passwd") ) {
  die(
"ftp login failed");
}
echo 
"pwd: ".ftp_pwd($conn);
ftp_close($conn); 

Last edited by Guttorm; 03-19-2010 at 08:33 AM.
 
Old 03-19-2010, 10:52 AM   #13
jonaskellens
Member
 
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 617

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by Guttorm View Post
Try this instead
Indeed it echoes "ftp login failed".

This 'user' has no shell (/sbin/nologin), is this necessary ??
This 'user' has no home-directory. Will ssl fail because of this ??
My vsFTPd-server supports ssl, but there is no certificate installed, can that be the issue with the login ??

Which logfile on my server could tell me what's wrong/missing ?
/var/log/messages and /var/log/vsftp.log are very quiet.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to edit remote file on linux ? kapilbajpai88 Linux - Newbie 5 09-05-2008 09:54 AM
Is it possible to allow just one PHP script to edit a file? fuzzyworm Programming 4 08-25-2008 06:47 AM
Remote Mysql Connection in PHP ElementNine Programming 2 05-03-2004 04:24 PM
X server keeps refusing remote X connection illuminatedwax Linux - General 3 04-16-2004 11:13 AM
Bluefish - How do you edit on a remote server? nchase Linux - Software 1 04-02-2004 08:11 PM


All times are GMT -5. The time now is 02:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration