I am trying to develop a RESTFUL API call in PHP , where someone will send me a file through the URL to upload
something like:
script.php?file_name=text.txt
is there away I can take text.txt and upload it in PHP?
To clarify:
lets put it this way , what are the ways that a end user could send a file to a PHP program?
The problem with this is that the REST server is not aware of the end user's machine in any way. So, say for instance that your end user is at yoursite.com/upload where they fill out a form with the upload credentials which posts to api.yoursite.com/uploads/do or whatever. As far as the api is concerned, yoursite.com is making the request, not the end user.
So, no. In my opinion there is no safe way to do this. The best alternative would be to upload the file and then HTTP POST the contents to the rest server. That can be tricky if the file is much larger than a few kilobytes, and you would want to do all sorts of security checking before writing the file to the server. The other option would be to use yoursite.com to upload the file to a temporary location and then send some information to the rest server with details on out to CURL the file contents from the first server. Also, can be insecure.
What problem are you trying to solve? What language framework? Can you give more details please?
Related
I wanna make my own little renderfarm-backend building on php and mysql. I have a huge plan for doing everything but there is one problem. How can I upload an image without a form?
Three alternatives:
you make exactly the POST request a browser would do when submitting an upload form, you do not need the form for that. It is a simple http POST. You can find countless examples for that here on SO or on google.
take a look at webdav, an http extension that allows flexible file access via http. Might make sense if you want to integrate your uploading into something like a local file manager or the like.
you use a file centered protocol for uploading, so implement the upload separate from the php stuff. sftp comes to mind here, but obviously you need to setup a separate server for that and map the file system locations as required. Also you have to take care of the file permissions.
I'm trying to build a basic web application using the Dropbox API. I have the file upload/folder listing etc. working but cannot find in the documentation how to force the file to download to the user's browser. Is this possible?
If it is can someone point me in the right direction? I'm using the standard PHP SDK.
Dropbox.com: How do I force a file to download from the web
Force a file or folder to download
To cause the browser to download a file or folder rather than display
it, you can use dl=1 as a query parameter in your URL. For example:
https://www.dropbox.com/s/qmocfrco2t0d28o/Fluffbeast.docx?dl=1 Note
that the original share link URL may contain query string parameters
already (e.g. dl=0), so app developers should make sure to properly
parse the URL and add or modify parameters as needed.
And if that doesn't suffice you can check Wikihow: How to Force a File to Download from the Web on Dropbox, with nice screenshots.
If this is not what you had in mind you have clarified that in your question. You still can do that now.
We're creating a form that allows users to upload large files. On mobile devices and slow connections, it might take a while to upload, so it seems important for this to be handled by an AJAX call that shows the users a progress bar (or something to let them know it's still working).
Here's the problem: The endpoint for the upload is a 3rd party API which expects our secret API key as one of the parameters. Here's a link directly to the section in their documentation. This API key cannot be exposed to the users on the client side.
My first instinct is to submit the form to an intermediate PHP script on our site, which has the API key, and then uploads the file to the API. But I'm pretty sure this will mean uploading the file twice: once to our server. Then again from our server to the API endpoint. Even if the form is submitted with AJAX, it's not a great result for the user to wait twice as long for it to complete.
So: What's the smoothest way to let users upload files while keeping our API key safe?
Some details that may or may not be important:
Our site is a PHP web app built on the CakePHP framework (v2.x). The files being uploaded are video files of all different formats between 1 and 5 minutes long. The API is a company called Wistia (see link to docs above). The file sizes seem to range from 3-30MB. We have no ability to change the way the 3rd party API works.
Uploading twice shouldn't be an issue - should it?
Its from your server to their API - this is what servers and APIs are meant for - exchanging data.
Javascript is not meant for this.
There is no way to hide it on the client, so your first instinct was correct - you will need to forward the file from the server.
It should be possible to read raw post stream from php://input, you can get the uploaded file from there (if you can parse it :)) and start upload to api server right away.
But even if the communication between mobile device and your script is slow, your script likely will likely upload fast to api server. So is it really needed?
Ok. I am a bit of a new developer and haven't done much work with networking (in general, not specifically obj-c). Basically, I need to record a file (I have code to do this), then upload it to a server. I've looked at code to upload to servers and it seems that all I need from the server side of things is a html upload page with a php script, which I have. Another option would be ftp/sftp, although this would be harder to implement. The problem is I need to have authentication for the upload, and preferably have a secure (https) upload, with a username and password. I cannot figure out how to do this. I would also need the server to send back a response to the app.
Also, are their any frameworks to make it easier to upload files? I know there was asihttprequest, but that was discontinued...
What would I need to make the server do to have authentication and authenticated uploads, and be able to return data back to the app? Sorry for such a n00by question, but if you could help that would be great.
Thanks
Check out AFNetworking. I really enjoy doing file downloads and uploads using AFNetworking. The FAQ even gives an example on how to upload a file and download a file. All you need server side is a PHP script to handle a POST file upload.
I'm working with a 3rd party API that allows me to upload a file to its database. This file has an specific format, but it's plain text.
What I want to do, is generate the text by myself with a PHP script on my own site and upload it to it's server like a file.
The catch is: I want to do this without have to save a temporary file on my own server and if possible, avoiding the use of cURL.
Thanks in advance.
file_put_contents('http://...', $your_text_file);
However, if the API has http basic auth on it, you'll ned to us a stream context to set all that up.