I want to upload a file to an FTP server, but the file content is held in a variable, not in an actual local file. I want to avoid using a file; this is to avoid security risks when dealing with sensitive data on a (possibly) not-so-secure system(*), as well as to minimize the (already low) overhead of file handling.
但是 PHP 的 FTP API 只提供了从本地文件上传文件的功能ftp_put http://php.net/manual/en/function.ftp-put.php或(当文件已作为文件句柄打开时)ftp_fput http://php.net/manual/en/function.ftp-fput.php.
目前,我将此功能与临时文件一起使用,在上传之前在其中写入内容:
$tmpfile = tmpfile();
fwrite($tmpfile, $content);
fseek($tmpfile, 0);
ftp_fput($ftp, $filename, $tmpfile, FTP_BINARY);
有没有一种更简单的方法,根本不使用本地(PHP)站点上的文件?
有ftp_raw http://php.net/manual/en/function.ftp-raw.php它可以用来发送任意命令,所以我可以发出PUT
手动命令,但是我没有找到在数据通道上手动写入数据的方法......
我不知道这是否重要,但 FTP 连接是通过 SSL 保护的(ftp_ssl_connect http://php.net/manual/en/function.ftp-ssl-connect.php).
(*) Consider the scenario where an attacker has read-only control over the entire file system.