I need to upload a string of data (lots of numbers) into .txt file on my website. I'm using VB6 and was going to FTP the text file, but this is unsecure seein as i only have 1 ftp, and password, which will be in my program, and a simple bit of packet sniffing will get the whole lot...

Another idea i was going to try was using php (or simillar) and use the webbrowser control: webbrowser1.navigate "http://mysite.com/blah/page.php?" & (string) get the idea? then the php will write the string to the text file.

1). would this be possible?
2). How?

Thanks for any info

Dave

How is that any more secure? I don't think you need to worry about packet sniffing. Passwords are sent in the clear all the time, e.g. logging in to TPU.

- taubz

This doesn't mean you have to stand for it. =)

Try using a secure file transfer protocol like SCP instead.

packetsniffing won't be the big problem with your application if you do the FTP thing; the password (if stored as a string) will be plaintext in the final .exe (or whatever your distributing).

The php thing would be more secure, as you can control what effectivly gets stored (by filtering out any invalid data). You wouldn't even need to send any passwords.

It would be possible. The php page you'd need to write would be incredibly simple; I'd suggest that you go and read the PHP manual at http://www.php.net/

Thank you for your replies...i was going to have the password encrypted in the final exe, which was then decrypted at runtime (by the exe) but then i thought of the sniffing thing - It's not just people being able to get my password (well, it is..) but also if i change it...

The ftp/password thing wont be a probelm if a few people are using it...but imaging the problems if microsoft had their website passwords sent in plain text from MS/Word...hehe, major problems (i know i know, im not microsoft, but it's still similar!!!!---ish!)

Im using the following html/php to upload a file, which will be handled by upload.php

<html>
<head>
</head>
<form method="post" action="upload.php" enctype="multipart/form-data">
<input name="userfile[]" type="file">
<input type="submit" value="Upload" >
</form>
</body>
</html>

How could i get the file box to display a filename already when loaded? e.g. C:\textfile.txt and also, how how could i get the submit button hidden and automatically presses on startup? So effectively, page will upload a file whenever it is loaded... Any ideas?

Thanks for your time...

Dave

I don't think you can do that automatically; atleast JavaScript disables automatic submitting of forms containing files, and my guess is everything else will do aswell...
Would be a major security issue if people could upload any files from your HD "behind the scenes", ie. without asking the user.

Unless you're using HTTPS or another protocol, using forms or PHP or whatever is no more secure than plaintext.

You can probably use the VALUE attribute of INPUT to give a default upload file, and you can use JavaScript to press the submit button.

- taubz

I would use GET rather than POST to send your data. This means that you would just send a http request for a url like http://yoursite.com/messageup.php?message=Some+text+goes+here.

For some reason, I think I've said that before.

The input type "file" has value="C:\textfile.txt" that can be used to enter a default file.

If I remember correctly, IE and netscape will not send a default file (such as the value="blahblah.txt") OR a system file (anything in C:\windows\) without prompting the user first. If the user edits the field and it isn't a system file, then it doesn't bother prompting the user.

I don't know how the browsers deal with Javascript. I'd assume they don't let javascript edit inputs of type "file"

As for an immediate submit, you can probably do that using submit.

In the end, i used PHP,

webbrowser1.navgate www.blah.com/file.php?variable="DATA"

That worked fine :-)

Thanks for the help

Dave