Session Handling

Articles

a quick look at FTP commands

Swing Slow paint problem.

Mega Upload - PHP upload progress bar.

Web Based FTP and Session Management

A web server isn't expected to remember you between to different page requests, so then how does our client identify a FTP connection as belonging to you? the answer is sessions.

PHP sessions can be used to store user data. However a socket connection cannot be serialized in PHP. As a result you cannot save the connction to the server in your session. That means you need to open a connection and login each on each page.

In fact if you tried out our file retrieval demo you might have seen a small lag before the file->save as dialog pops up. This is the time taken to make a fresh connection to the server. It is true that doing this on each page results in a small overhead, but when you consider the benefits and the fact that each file transfer anyway results in opening a new connection it does seem worth while.

We have just said that sockets cannot be persisted using sessions, so what do we save anyway? What we save is the hostname, username and password for the server. Now it's usually considered bad practice to store usernames and passwords in sessions, but we are not concerned about it because FTP itself isn't the most secure protocol.

If you are really concered about security we suggest that you switch to SFTP and can highly recommend the SFTP applet by Rad Inks. 

  
  		session_start();

		/* make sure we are not troubled by wrong ordering */
		$user = trim($_REQUEST["user"]);
		$password = trim($_REQUEST["password"]);
		$hostname = trim($_REQUEST["hostname"]);


		/* clean up previously saved stuff (if any) */
		session_unregister("hostname");
		session_unregister("user");
		session_unregister("password");

		/* save the current stuff */
		session_register("hostname",$hostname);
		session_register("user",$user);
		session_register("password",$password);

In addition to storing server information we also need to save the Path to Working Directory and change into it on each page. We will look at this more closely in the third part of this article - Managing directories. And in the last section we will look at how files can be uploaded with our client.

You may think that opening and closing a FTP connection with each page is inefficient, this is just a drop in the bucket since each time you retrieve a directory listing or download or upload a file you are opening a new data connection. Multithreaded clients may open several connections at once but some of the better ones like the Rad Inks Applet reuses idle connections

dislaimer: I work for Rad Inks


Short cuts
  Part 1   Introduction , Data Connection , Directory List , demo
  Part 2   Architecture , Downloading , Demo , Sessions
  Part 3   CWD , CDUP , Where am I? , Prune and Graft
  Part 4   Upload , Rename , Demo
Copyright © Raditha Dissanayake 2010