FTP authentication via MySQL DB

DaveTMN

Yo,

I have a web site (Apache/PHP/MySQL) on a host, where users could register and have their own private access. Their login/pwd are stored in MySQL DB on this server.

I want to offer them to download some files, once they are correctly logged on my site. These files are stored on another host (other IP address) which is a Linux FTP server.

How could I do to make FTP server checks login/passwd into the distant MySQL DB, instead of local /etc/passwd.
FTP server flavour is vsftpd.

I read some lines about PAM-MySQL but there are so few details, and moreover it seems it is an old project. So, I still have no idea.

Any help would be appreciated 🙂

Roger_Ramjet

Don't know about PAM etc, but one work around would be for your server to fetch the file and pass it to the user. You could hard code the password into your script and authenticate the user yourself.

DaveTMN

Thank you for the answer.
But tell me how I can manage to make my server pass the file.

The workaround I have found and developped is the following :

once the user is authenticated, a page is generated with a link to start the download of the file.
When the user clicks the link, a special encrypted key is sent to server, decrypted then a matching record is searched in DB. This record contents the name of the file to download on the FTP server.
Then a PHP script start a connexion to the FTP server, using always the same login/passwd (private), to download the file on the webserver. Once it is done, a javascript spawn the download of the file from my webserver to the client navigator...

This is not very efficient, since there are TWICE the same download of the file. And it happens I have files larger than 300MB... 🙁

I'll be glad if you can suggest me a one-pass method.

Thank in advance

Roger_Ramjet

Nope, yours is pretty much what I meant, grab it from the other server store in a temp dir and then let the user download it.

If your script can authnticate itself with the other server then file_get_contents might do the trick. I believe that it can be used with FTP, but you'd have to dig through the manual to confirm that. It pulls the file as a string which your server can then do what it wants with, including, I suppose, piping it to the client.