Omnimaga

General Discussion => Technology and Development => Web Programming and Design => Topic started by: Calcaholic on February 25, 2011, 05:50:00 pm

Title: Tobert´s WebAccess
Post by: Calcaholic on February 25, 2011, 05:50:00 pm

A short time ago I got the idea of a tool, that could simplify the access to domains for web-developers, for it is an alternative to ftp-programs.
It enables editing webpages directly on the server, without downloading the files even temporarily.
But of course it also contains the posibilties of up- and downloads and a plenty of features which I haven't implemented yet.

The program itself is primarily an web-explorer, programmed in PHP, that at first is meant to allow access to a web-server from everywhere without installing and configuring anything.

The following actions are available yet...
- browsing subdirectories
- deleting files and empty folders
- opening files out of the explorer
- editing files directly on the web with a preview-function


...and these are in process.
- deleting directories wether they're empty or not
- upload files
- download files
- search for filenames and/or content in a directory
- copy 'n paste
- simple html-editor
- password (elementary condition for use...)



For the tool can not be used yet, I can only provide screenshotsand  a parent-project for download , that actually is nothing but an explorer...

Spoiler For explore:

(http://i27.servimg.com/u/f27/14/27/51/87/explor10.jpg)

Spoiler For delete:

(http://i27.servimg.com/u/f27/14/27/51/87/delete10.jpg)

Spoiler For edit:

(http://i27.servimg.com/u/f27/14/27/51/87/edit_k10.jpg)

Spoiler For preview:

(http://i27.servimg.com/u/f27/14/27/51/87/previe10.jpg)

Title: Re: Tobert´s WebAccess
Post by: DJ Omnimaga on February 25, 2011, 08:44:08 pm

It seems interesting. Make sure it's very secure, though.

Title: Re: Tobert´s WebAccess
Post by: Calcaholic on February 26, 2011, 05:54:23 pm

I thought about a cookie that contains a randomly generated code which only is valid during the current session and is proofed using an document on the server which contains the same code.
This only enables acces from one computer at once, but it think this is'nt that bad in this case.

Maybe htaccess would be an alternatve...

However it logically will work only on servers which support php...

Title: Re: Tobert´s WebAccess
Post by: Deep Toaster on February 26, 2011, 06:22:19 pm

What about just not using cookies at all?

Title: Re: Tobert´s WebAccess
Post by: Calcaholic on February 26, 2011, 06:38:04 pm

I didn't think much about how to make the tool secure.
I was just playing with some ideas.
But I don't think, that this will get me in troubles for PHP-passwords are very secure at all.

Title: Re: Tobert´s WebAccess
Post by: Eeems on February 26, 2011, 08:51:16 pm

Actually, not to be a downer, or to stop you from working on this project or anything, but there are already multiple things out there that do this. Most hosts have a file explorer in their control panel, as well as text-editing capabilities. It's still a great project to work on though :)

Title: Re: Tobert´s WebAccess
Post by: Ikkerens on February 28, 2011, 02:37:04 am

Quote from: Eeems on February 26, 2011, 08:51:16 pm

Actually, not to be a downer, or to stop you from working on this project or anything, but there are already multiple things out there that do this. Most hosts have a file explorer in their control panel, as well as text-editing capabilities. It's still a great project to work on though :)

I once created one, but I lost it.
Anyway, I still learned alot from creating it.

And it also thought me a security lesson:
Don't let ppl create .php files on your demo server...
Lost the entire project due to that >.>

Title: Re: Tobert´s WebAccess
Post by: DJ Omnimaga on February 28, 2011, 02:49:32 am

Yeah that can be pretty bad. Also make sure people cannot upload them either. I remember people could do that on InvisionBoard 1.3, which my other forum used for a while. Every day I had to clean the folder from russian spam apps.

Title: Re: Tobert´s WebAccess
Post by: Ikkerens on February 28, 2011, 02:56:22 am

Indeed, but still, it teaches you a valuable security lesson ;)

Title: Re: Tobert´s WebAccess
Post by: DJ Omnimaga on February 28, 2011, 03:01:22 am

I know. Better not wait til damage is done and try to fix it, though, although the first time we don't know.

My 1and1 accoutn got suspended before because 10000 emails were sent from TIMGUL software that way. I couldn't figure out how to solve the problem other than switching to a more secure software, since I do not know PHP. It would have sucked if this happened 2 and half a year later, with Omnimaga on the same host. X.x

Title: Re: Tobert´s WebAccess
Post by: Munchor on February 28, 2011, 08:59:07 am

This seems like a very cool idea, good luck.

Title: Re: Tobert´s WebAccess
Post by: Calcaholic on March 05, 2011, 04:02:55 pm

I am sure that there already have to be tools like the one I'm planning, but I don't matter because i think of most of my programs mainly as a possibility to train my programming skills  and not as products of comercial or similar purpose.
So I will continue it allthough the idea is not really new at all... :)

Concerning security... I don't think that I have to make my tool more secure than an ftp-program, for it is meant to be used only by the administrators of the domain.
And you can't use this tool if you have no access to the server with ftp; or the owner of the domain tells you the password.

Title: Re: Tobert´s WebAccess
Post by: DJ Omnimaga on March 07, 2011, 04:03:43 am

Ah ok. Coding something to practice or improve your coding skills even if the thing was done before is a very good idea I think. Otherwise if you start something more complex without enough skills, you can lose motivation fast.

Title: Re: Tobert´s WebAccess
Post by: Munchor on March 12, 2011, 04:15:00 pm

Quote from: Calcaholic on March 05, 2011, 04:02:55 pm

I am sure that there already have to be tools like the one I'm planning, but I don't matter because i think of most of my programs mainly as a possibility to train my programming skills  and not as products of comercial or similar purpose.
So I will continue it allthough the idea is not really new at all... :)

Concerning security... I don't think that I have to make my tool more secure than an ftp-program, for it is meant to be used only by the administrators of the domain.
And you can't use this tool if you have no access to the server with ftp; or the owner of the domain tells you the password.

How's this coming along?