Search

GlobalSCAPE Knowledge Base

Create and Manage Temporary users in EFT Server

EFT

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT Server Enterprise version 5.x

DISCUSSION

Using EFT Servers event rules and COM API along with PHP code the administrator can create a temporary account on the server that restricts the account to downloading a file once, after which the account is blocked from downloading anything else.

One scenario for temporary user creation would be for distributing a document purchased by a user via the organization’s web site. In this scenario, after the user has purchased the digital document(s), the web server would invoke a PHP script that would create the temporary user in EFT Server with the appropriate download permissions and send the user an e-mail with their temporary FTP account login information.

Once the user downloads the purchased document, EFT Server would trigger another PHP script that will block the user from downloading any further documents. Unfortunately there is no way to actually REMOVE the user’s account via COM when the user is logged in, therefore the script simply sets the max download size setting to “0” for the temporary user (after the file has been downloaded), which renders the account ineffective to a certain degree. The administrator can manually delete the user at a later time, or another script can be developed that will delete the user’s account after the user logs out, also outside the scope of this document.

Prerequisites

  1. Download the latest version of PHP and install it on the server on which EFT Server resides.
  2. Follow your PHP manual’s instructions on how to call PHP scripts from your Web server. In the first example below we will call the PHP script from the command line.
  3. For the e-mail portion to work, you will need to properly configure your SMTP server settings in PHP’s PHP.ini file, outside the scope of this tutorial.
  4. This does not work for AD authentication accounts.
  5. Make sure you have remote administration enabled in EFT Server’s Remote Administration page under Server properties and that you’ve recorded the remote admin port, and admin username and password.
  6. Make sure the service account used by EFT Server has write privileges to run php.exe. By default EFT Server uses the Local System account which should have the necessary rights.

Creating the Temporary User

  1. Carefully copy the entire CreateTempUser.php PHP script under Appendix A below into notepad, from <?PHP to ?>
  2. Be sure to change the EFT Server host address, port (1100 by default), admin username and password variables to the correct values (located at the beginning of the script).
  3. Save the file as CreateTempUser.php
  4. If you have PHP installed, you can test it from the command line as follows:

    a. Start -> Run and then type CMD and press ENTER.

    b. Locate the path to your PHP executable

    c. Type <path to php>\php.exe –f CreateTempUser.php <e-mail address> <folder path> and press enter.

NOTE: The e-mail address is the e-mail that the user will receive the account login instructions on. The folder path is the relative path from the server root that the user will login to. For example:

C:\php437\php.exe -f CreateTempUser.php user@mail.com /Pub/

Each time the script is called, it will create a new user. You can check this by logging in to the EFT Server interface and refreshing the user list.

Setting up EFT Server to block the user from downloading after the initial download attempt

1. Carefully copy the entire Downloaded.php script under Appendix B below into notepad, from <?PHP to ?>

2. Be sure to change the EFT Server host address, port (1100 by default) and admin username and password variables to the correct values (located at the beginning of the script).

3. Save the file as Downloaded.php, preferably to your PHP folder. In this example, c:\php437

4. Create a new Custom Command that launches the PHP executable and that requires 1 parameter.

Page 1 of New Custom Command

Page 2 of New Custom Command

  1. Click pply to save the command
  2. Now create a new Event Rule that will fire when a file is download (On File Download)
  3. Optionally set a condition that will further refine the rule to only trigger if a specific file is encountered, such as document.doc but not readme.txt for example.
  4. Add an Execution action and select the new Custom Command you just created (PHP in this example)
  5. Specify the command parameters as follows: -f downloaded.php "%USER.LOGIN%" .The User.Login variable will be populated by the user’s temporary account name automatically when the user downloads the file and the rule is triggered.
  6. Enter the path to whether the script is located under the Specify command working folder. C:\php437 in the example below.

On File Download rule calling an action to execute the PHP Custom Command

Conclusion

When the web server invokes CreateTempUser.php, the temporary user gets created and the user will receive an e-mail with the FTP login information. When the user downloads the file, Downloaded.php is invoked by EFT Server and the user’s download quota is set to 0.

Max download size

APPENDIX A: CreateTempUser.php Script Source

<?php

/*===========================================================================

*= File: CreateTempUser.php

*= Created: 07/20/2004 WHT

*= Purpose:

*= Create a new temporary user and send email notification,

*= the user name begin with temp_

*= NOTES:

*= Command Paramaters:

*= User email address, download folder

*=

*= USAGE:

*= php -f CreateTempUser.php <user email address> <the download folder>

*= EXAMPLE:

*= php -f CreateTempUser.php user@mail.com /Pub/

*= NOTE

*= REQUIRES PHP 4.3.3 or above version

*=

*===========================================================================

*/

 

$EFTaddr = "localhost";

$EFTport = 1100;

$EFTuser = "test";

$EFTpass = "test";

//Check if command line parameters is set

if ($argc != 3)

{

ECHO "Insufficient arguements. Provide e-mail and directory name.";

exit;

}

//Create Server Object

echo "Creating object...\r\n";

$SFTPServer = new COM("SFTPCOMInterface.CIServer");

if (isset($SFTPServer))

{

//Connect to Server Engine

//VERY IMPORTANT! CHANGE THE HOST ADDRESS, PORT, ADMIN USERNAME, and ADMIN PASS

$SFTPServer->Connect($EFTaddr, $EFTport, $EFTuser, $EFTpass);

//Get the site list

$Sites = $SFTPServer->Sites();

//Choose the first site

$Site = $Sites->Item(0);

if (isset($Site) && $Site != NULL)

{

//Create a new user name, the prefix of user name is temp_

$username = "temp_" . mt_rand(1, 8000);

//Create password

$tempstr = time() . mt_rand(1, 8000);

$userpass = substr(md5($tempstr), 0, 8);

//Create the user

$Site->CreateUser($username, $userpass, 0, $username);

//Give the download permission of the specified folder to this user

$NewPermission = $Site->GetBlankPermission($argv[2], $username);

$NewPermission->FileDownload = TRUE;

$Site->SetPermission($NewPermission);

 

$UserSettings = $Site->GetUserSettings($username);

//Set the user's email address

$UserSettings->Email = $argv[1];

//Enable the home directory

$UserSettings->SetHomeDir(1);

//Set the directory

$UserSettings->SetHomeDirString($argv[2]);

 

//Apply the change

$SFTPServer->ApplyChanges();

 

//Send mail to notify the user

$title = "Your temporary FTP account is set up";

$body = "Dear Sir or Madam:\n\nYour temporary FTP account is set up.\nThe user name is $username and ".

"password is $userpass.\nThis account will be deleted immediately after you download a file.\n\n\nSincerely yours";

$headers = 'From: webmaster@example.com' . "\r\n";

@mail($argv[1], $title, $body, $headers);

}

exit;

}

ECHO "Failed to instantiate Server object.";

?>

 

APPENDIX B: downloaded.php Script Source

<?php

/*===========================================================================

*= File: downloaded.php

*= Created: 07/20/2004 WHT

*= Purpose:

*= Set the max download size for the specified user to 0 after this user

*= successfully downloaded file from FTP server.

*= NOTES:

*= Event Rule: On File Download

*= Command Paramaters:

*= -f downloaded.php "%USER.LOGIN%"

*=

*= USAGE:

*= php -f downloaded.php <user name>

*= EXAMPLE:

*= php -f downloaded.php temp_1110

*= NOTE

*= REQUIRES PHP 4.3.3 or above version

*=

*===========================================================================

*/

 

$EFTaddr = "localhost";

$EFTport = 1100;

$EFTuser = "test";

$EFTpass = "test";

 

//Check if user name is set

if (($argc != 2) || empty($argv[1]))

{

ECHO "Insufficient args";

exit;

}

//Create Server Object

$SFTPServer = new COM("SFTPCOMInterface.CIServer");

if (isset($SFTPServer))

{

//Connect to Server Engine

//VERY IMPORTANT! CHANGE THE HOST ADDRESS, PORT, ADMIN USERNAME, and ADMIN PASS

$SFTPServer->Connect($EFTaddr, $EFTport, $EFTuser, $EFTpass);

//Get the site list

$Sites = $SFTPServer->Sites();

 

//Choose the first site

$Site = $Sites->Item(0);

if (isset($Site) && $Site != NULL && substr($argv[1], 0, 5) == "temp_")

{

//$result = $Site->RemoveUser($argv[1]);

$UserSettings = $Site->GetUserSettings($argv[1]);

//Set max download size to 0

$UserSettings->SetHasMaxDownloadSize(1);

$UserSettings->SetMaxDownloadSize(0);

//Apply the change

$SFTPServer->ApplyChanges();

}

exit;

}

ECHO "Could not instantiate com object";

?>

 

Details
Last Modified: 13 Years Ago
Last Modified By: GlobalSCAPE 5
Type: HOWTO
Rated 1 star based on 9 votes.
Article has been viewed 46K times.
Options
Also In This Category
Tags