Looking at this youtube video https://you[DELETED]_Ws8 DL Document Ticket Service appears to be an elegant solution for sending and receiving large files using a web site without using third party file sharing sites. However the installation instructions are expressed opaquely without examples of common implementation and it seems to me expert unix, website development skills and great guesses and inferences are thus needed to understand them. Perhaps by design to scare off novice developers like me? My comments and questions about the vagaries of the installation instructions which follow are in CAPS and between !!. Any insights into or comments on what these instructions mean? Installation The installation is divided into three steps: Installation of the files Database creation/setup or database upgrade Initial user creation Due to the number of possible configurations, the installation must be carried on manually. !!SIGH!! DL installation Copy the htdocs directory contained in the archive to a directory of choice under your web server. WHAT PRECISELY IS THE "WEB SERVER" – DOES THIS MEAN PUBLIC_HTML ROOT? I APPRECIATE THERE DIFFERENT WEB SITE CONFIGURATIONS ARE POSSIBLE. IS THE HTDOCS ROOT INCLUDED IN THE COPY? HOW IS THE NAME OF THE DIRECTORY OF CHOICE REFERENCED? HTDOCS FROM DL HAS SUB-DIRECTORIES WITH NESTS. I ONLY HAVE CPANEL WIDGETS FOR MY SHARED HOSTED SITE. IS THERE A WIDGET WHERE MULTIPLE DIRECTORIES CAN BE COPIED? I FOUND I COULD ONLY COPY EACH DIRECTORY ONE DIRECTORY AT A TIME. Copy include/config.php.dist to either include/config.php or /etc/dl.php and customize as needed. This usually means changing the URL and E-Mail of the service. WHY IS THIS SO IMPRECISE? ISN’T IT INEVITABLE THAT THESE CHANGES WILL NEED CUSTOMISING TO THE SITE WHERE DL IS UPLOADED? Ensure the include and style/*/include directories are not directly accessible externally. Type http://dl.example.com/include/config.php and verify that you correctly get an "Access Denied" error. I GOT A "CAN’T FIND" ERROR. THAT SORT OF FOLLOWS FROM MY FIRST PROBLEMS WITH THE INPRECISION OF WHERE THE DL DIRECTORIES ARE TO GO ABOVE. If you use Apache, the provided .htaccess files should be already sufficient; consult your web server documentation otherwise. Create a spool directory that will be used by the service to store the files, user and ticket information. This directory should be outside of the document root of your web server. Fix the permissions so that PHP has read/write access to it. WHERE PRECISELY IN THE FILE HIERARCHY? WHAT SHOULD THE DIRECTORY BE NAMED? OR IS IT VAR/SPOOL BASED ON WHAT FOLLOWS? In the provided include/config.php this is configured as /var/spool/dl. If you web server runs as "nobody:nogroup", issue: mkdir -p -m770 /var/spool/dl chgrp nogroup /var/spool/dl to create correctly this directory. Create a database (as described in Database setup). Create at least one user (as described in Internal authentication). Database setup DL needs a database to store the ticket and user information. By default, DL will use an embedded "sqlite" database stored within the spool directory, but some manual setup is still required. To create the database, you need the sqlite3 command. On Ubuntu/Debian, sqlite3 can by installed by executing: sudo apt-get install sqlite3 WHICH CPANEL WIDGET IS USED FOR EXECUTING THE UNIX COMMAND/S – SSH? You should then execute the provided SQL batch for SQLite with the same user as your web server (by using su or sudo if necessary): cd /var/spool/dl/ sqlite3 data.sdb < /your-installation-directory/include/scripts/db/sqlite.sql chmod 660 data.sdb DITTO If you want to change the database path, or use a real database server, you need to properly configure the $dsn parameters in include/config.php according to your setup. The DSN string changes according to the PDO module that you want to use. Please see one of: SQLite DSN MySQL DSN PostgreSQL DSN for the most popular configuration choices. When a username/password is required, using the appropriate variables $dbUser/$dbPassword is preferred instead of embedding the values in the DSN string. The directory include/scripts/db/ provides SQL initialization scripts for SQLite, MySQL and PostgreSQL. PHP setup The following parameters are required to be set in your php.ini: date.timezone: must be set to your system preference. session.auto_start: must be "Off". The maximal upload limit is determined by several PHP configuration parameters. Check your php.ini for: upload_max_filesize: change as needed. post_max_size: must be at least 1M larger than upload_max_filesize. session.gc_maxlifetime: must be long enough to allow large uploads to finish. All the above settings can be configured per-directory and affect only DL. In addition, the following parameters need to be set for the entire PHP server: file_uploads: must be "On". upload_tmp_dir: ensure enough space is available for temporary files. max_file_uploads: change as needed. The upload limit as shown in the submission form is determined automatically from the upload_max_filesize parameter. Any upload beyond post_max_size will be completely ignored: users will get a blank page instead of an error message. You should raise post_max_size above upload_max_filesize to get an acceptable "error window" in old browsers or browsers with JavaScript disabled. session.gc_maxlifetime (which is in seconds) needs to be long enough for your users to complete a large upload. Uploading 500MB on a slow ADSL connection can take as much as 12 hours, so set it to at least 43200. If PHP was built as an Apache module you can set per-directory parameters through .htaccess (see http://www.php.net/manual/en/configuration.changes.php) or directly inside your Apache’s configuration (see Apache/mod_php for an example). The provided htdocs/.htaccess contains a reasonable pre-set, but requires AllowOverride All to be set for the directory in your main configuration. User setup DL can use both an internal and an external user database, by trusting the authentication credentials provided by your web server. dl supports both "normal" users and "administrators". A normal user can only see and manage tickets created by himself. Administrators can see/manage all the tickets. Internal authentication Once dl has been installed and PHP is set-up correctly, you have to create at least one user to be able to log in. User management is handled through the command line by using the bundled useradmin.php utility. On the server, execute the following commands with the same user as your web server (by using su or sudo if necessary): cd /your-installation-directory/include/scripts php useradmin.php add "admin" "true" "change me" where: admin is the user name true (or false) sets the administrator status change me is the password Repeat as many times as necessary. You should now be able to use the web service. Other users/administrators can be added through the web interface. External authentication External authentication should be the preferred form of authentication for corporate use since it supports whatever authentication scheme your web server already supports (for example, LDAP, ActiveDirectory, etc). To enable external authentication you have to protect the two files: admin.php rest.php using a "Basic" authentication scheme. You should then set $authRealm to the same authentication realm used in your web server. The other files must not be protected. DL will implicitly trust the credentials provided by the web server. All users are logged in as "normal" by default. The only setup required is adding the administrators with useradmin.php without using any password. Logout with HTTP authentication is not guaranteed to work: users should simply close their browser to clear their session (closing a tab or window is not enough in many browsers). Currently, logout works as expected on: Firefox Safari Google Chrome/Chromium Logout does not work on: Internet Explorer 7/8. Opera 9/10. Again, only the Basic authentication is supported, which transmits the password in clear-text unless you use SSL. When using external authentication, the HTTP header USER_EMAIL can additionally provide the user’s default email address. Such header is provided automatically, for example, when using "LemonLDAP::NG".
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
Submit an article or tip