Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
User Journal

WillAffleckUW's Journal: Using SFTP in a web page (really dumb question) 8

Journal by WillAffleckUW

OK, so today I'm trying to write a web page to link a bunch of known files and transfer them to another location.

Due to HIPAA and VA rules this has to be a secure file transfer, encrypted.

When they get to our site, they have to login as a specific user. The user belongs to a group. The site forces HTTPS secure connection if they try to come in as HTTP.

So, normally, if I wanted to provide a link to a file I would go something like this:


get important file

Can I just use SFTP in place of FTP? Or if I specify FTP will it literally invoke FTP on the browser end? Since the entire thing is running under SSL2 for SSH is this just plain overkill?

Or am I just being extraordinarily clueless?

I ask, cause normally I write code that uses PHP and runs MySQL commands and literally builds the output files - CSV, XLS, etc - from scratch, and sets the transfer type and authentication level. But this is so primative - a literal ONE FILE TRANSFER LINK - that I can't remember what to do, as the last time I did something like that, not using FOPEN() and scanning a dir and popping an array and building stuff was like ages ago in Internet time, and back then we used FTP.

THANKS!

This discussion has been archived. No new comments can be posted.

Using SFTP in a web page (really dumb question)

Comments Filter:
  • Just going thru all the W3C web stuff I get "These functions are meant for detailed access to an FTP server. If you only wish to read from or write to a file on an FTP server, consider using the ftp:// [ftp] wrapper with the Filesystem functions"

    As I'm reading it, it seems to be saying, based on some other areas, that since we're already running under HTTPS (secure SSL HTTP), the browser invocation of FTP will be in a secure instance and you can just use the "ftp://" invoke directly in an anchor tag, and it will

    • by Nethead (1563)

      Thanks for the update on what you found. I was about to try it and pull out a sniffer. I still may just to see exactly how the protocol works. To wet to weed-eat the yard anyway.

  • So, given it is running HTTPS with specific user name and specific login and in a specific directory, just provided a direct file link which shipped it over the connection and the browsers invoked the XLS and CSV translator programs they were specified to use, from which they were prompted to save.

    Geesh, that was too simple. I was thinking I'd have to specify it.

    Guess not.

    By the way, yes, our server runs under a credential that is NOT public. Makes us semi-invisible.

Building translators is good clean fun. -- T. Cheatham

Working...