Difference between revisions of "Events and Messages"

From ProVide DocWiki
Jump to: navigation, search
(Control file types with PHP)
(Added syntax highlighting)
Line 12: Line 12:
  
 
Contents of file "C:\Scripts\NotifyOnLoggedIn.cmd":
 
Contents of file "C:\Scripts\NotifyOnLoggedIn.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Setup variables
 
rem Setup variables
Line 25: Line 25:
 
if /I "%1" == "Administrator" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL
 
if /I "%1" == "Administrator" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL
 
if /I "%1" == "Backup" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL
 
if /I "%1" == "Backup" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL
if /I "%1" == "John" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL</pre>
+
if /I "%1" == "John" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL</syntaxhighlight>
  
 
==== Scan uploaded files for viruses with AVG ====
 
==== Scan uploaded files for viruses with AVG ====
Line 38: Line 38:
  
 
Contents of file "C:\Scripts\Scan.cmd":
 
Contents of file "C:\Scripts\Scan.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
"C:\Program\AVG\AVG8\AVGSCANX.EXE" /HEUR /ARC /CLEAN /SCAN=%1</pre>
+
"C:\Program\AVG\AVG8\AVGSCANX.EXE" /HEUR /ARC /CLEAN /SCAN=%1</syntaxhighlight>
  
 
==== Create thumbnails of uploaded images ====
 
==== Create thumbnails of uploaded images ====
Line 50: Line 50:
  
 
Contents of file "C:\Scripts\CreateThumbnail.cmd":
 
Contents of file "C:\Scripts\CreateThumbnail.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Extract file information and remove quotes
 
rem Extract file information and remove quotes
Line 67: Line 67:
  
 
rem Use ImageMagick to create thumbnails
 
rem Use ImageMagick to create thumbnails
convert "%FILE%" -resize 100x100 -quality 90 "%THUMBFILE%" >NUL</pre>
+
convert "%FILE%" -resize 100x100 -quality 90 "%THUMBFILE%" >NUL</syntaxhighlight>
  
 
==== Automatically backup a file before it is to be overwritten ====
 
==== Automatically backup a file before it is to be overwritten ====
Line 78: Line 78:
  
 
Contents of file "C:\Scripts\Backup.cmd":
 
Contents of file "C:\Scripts\Backup.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Extract file information and remove quotes
 
rem Extract file information and remove quotes
Line 85: Line 85:
  
 
rem Perform the backup
 
rem Perform the backup
copy /v /y "%FILE%" "%FILE%.bak" >NUL</pre>
+
copy /v /y "%FILE%" "%FILE%.bak" >NUL</syntaxhighlight>
  
 
==== Send email on FTP upload to a specific folder ====
 
==== Send email on FTP upload to a specific folder ====
Line 99: Line 99:
  
 
Contents of file "C:\Scripts\MailOnUploadEnd.cmd":
 
Contents of file "C:\Scripts\MailOnUploadEnd.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
 
REM Filenames may need special character codes.
 
REM Filenames may need special character codes.
 
chcp 1252
 
chcp 1252
Line 114: Line 114:
 
C:\Scripts\MailTemplate.cmd %2 | C:\Scripts\msmtp\msmtp.exe mailinglist@example.net
 
C:\Scripts\MailTemplate.cmd %2 | C:\Scripts\msmtp\msmtp.exe mailinglist@example.net
 
)
 
)
)</pre>
+
)</syntaxhighlight>
  
 
Contents of file "C:\Scripts\MailTemplate.cmd":
 
Contents of file "C:\Scripts\MailTemplate.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
setlocal enableDelayedExpansion
 
setlocal enableDelayedExpansion
Line 125: Line 125:
 
echo SUBJECT:New file uploaded %~nx1!NL!
 
echo SUBJECT:New file uploaded %~nx1!NL!
 
echo And here's a link to it.!NL!http://www.test.com/%~nx1!NL!
 
echo And here's a link to it.!NL!http://www.test.com/%~nx1!NL!
EndLocal</pre>
+
EndLocal</syntaxhighlight>
  
 
== Proactive ==
 
== Proactive ==
Line 145: Line 145:
  
 
Contents of file "C:\Scripts\OfficeHours.cmd":
 
Contents of file "C:\Scripts\OfficeHours.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Extract current hour
 
rem Extract current hour
Line 155: Line 155:
 
rem Deny access outside office hours
 
rem Deny access outside office hours
 
if /I %hour% LSS 8 exit 1
 
if /I %hour% LSS 8 exit 1
if /I %hour% GEQ 18 exit 1</pre>
+
if /I %hour% GEQ 18 exit 1</syntaxhighlight>
  
 
==== Only allow upload of specific file types ====
 
==== Only allow upload of specific file types ====
Line 168: Line 168:
  
 
Contents of file "C:\Scripts\CheckFileType.cmd":
 
Contents of file "C:\Scripts\CheckFileType.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Extract file information and remove quotes
 
rem Extract file information and remove quotes
Line 183: Line 183:
  
 
rem Nothing else is allowed
 
rem Nothing else is allowed
exit 1</pre>
+
exit 1</syntaxhighlight>
  
 
==== Only allow SAP users to download SAP-documents ====
 
==== Only allow SAP users to download SAP-documents ====
Line 196: Line 196:
  
 
Contents of file "C:\Scripts\BusinessUser.cmd":
 
Contents of file "C:\Scripts\BusinessUser.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Extract file information and remove quotes
 
rem Extract file information and remove quotes
Line 212: Line 212:
  
 
rem All is OK
 
rem All is OK
exit 0</pre>
+
exit 0</syntaxhighlight>
  
 
==== Extreme login security using SMS audit ====
 
==== Extreme login security using SMS audit ====
Line 225: Line 225:
  
 
Contents of file "C:\Scripts\SMSAudit.cmd":
 
Contents of file "C:\Scripts\SMSAudit.cmd":
<pre>@echo off
+
<syntaxhighlight lang="dos">@echo off
  
 
rem Setup variables
 
rem Setup variables
Line 247: Line 247:
  
 
rem All is OK, go ahead with login
 
rem All is OK, go ahead with login
exit 0</pre>
+
exit 0</syntaxhighlight>
  
 
==== Control file types with PHP ====
 
==== Control file types with PHP ====
Line 254: Line 254:
  
 
PHP-Script "BeforeUpload.php":
 
PHP-Script "BeforeUpload.php":
<pre><?PHP
+
<syntaxhighlight lang="php"><?PHP
  
 
/**
 
/**
Line 300: Line 300:
 
}
 
}
 
die(1); //not allowed
 
die(1); //not allowed
?></pre>
+
?></syntaxhighlight>
  
 
PHP-Script "BeforeRename.php":
 
PHP-Script "BeforeRename.php":
<pre><?PHP
+
<syntaxhighlight lang="php"><?PHP
  
 
/**
 
/**
Line 358: Line 358:
 
}
 
}
 
die(1); //not allowed
 
die(1); //not allowed
?></pre>
+
?></syntaxhighlight>
  
 
PHP-Script "BeforeRemoveFile.php":
 
PHP-Script "BeforeRemoveFile.php":
<pre><?PHP
+
<syntaxhighlight lang="php"><?PHP
  
 
/**
 
/**
Line 407: Line 407:
 
}
 
}
 
die(1); //not allowed
 
die(1); //not allowed
?></pre>
+
?></syntaxhighlight>
  
 
PHP-Script "BeforeDownload.php":
 
PHP-Script "BeforeDownload.php":
<pre><?PHP
+
<syntaxhighlight lang="php"><?PHP
  
 
/**
 
/**
Line 456: Line 456:
 
}
 
}
 
die(1); //not allowed
 
die(1); //not allowed
?></pre>
+
?></syntaxhighlight>
  
 
PHP-Script "BeforeCreateDirectory.php":
 
PHP-Script "BeforeCreateDirectory.php":
<pre><?PHP
+
<syntaxhighlight lang="php"><?PHP
  
 
/**
 
/**
Line 497: Line 497:
 
   die(1); //not allowed
 
   die(1); //not allowed
 
  */
 
  */
?></pre>
+
?></syntaxhighlight>
  
 
PHP-Script "BeforeRemoveDirectory.php":
 
PHP-Script "BeforeRemoveDirectory.php":
<pre><?PHP
+
<syntaxhighlight lang="php"><?PHP
 
/**
 
/**
 
  * @author Photonensammler   
 
  * @author Photonensammler   
Line 537: Line 537:
 
   die(1); //not allowed
 
   die(1); //not allowed
 
  */
 
  */
?></pre>
+
?></syntaxhighlight>
 
Script submitted by Jörg Borch www.photonensammler.eu
 
Script submitted by Jörg Borch www.photonensammler.eu

Revision as of 13:16, 26 March 2014

Reactive

The Reactive features basically lets the server react to events after they happen by executing batch scripts or to send custom messages.

An example would be to automatically scan uploaded files for viruses. The ability to execute external batch scripts also makes it possible to launch custom programs, scripts or to perform specific actions based on actual events.

Examples

Send SMS when a specific FTP user logs in

Event in ProVide:

OnLoggedIn

Message in ProVide:

User logged in, proceed.%EXECUTE("C:\Scripts\NotifyOnLoggedIn.cmd" %USERNAME%)%

Contents of file "C:\Scripts\NotifyOnLoggedIn.cmd":

@echo off

rem Setup variables
set USER=<sms username>
set PASS=<sms password>
set TEXT=Login%%3A%1
set TO=555123456
set FROM=zFTPLogin
set PARAMS=acc=%USER%^^^&pass=%PASS%^^^&msg=%TEXT%^^^&to=%TO%^^^&from=%FROM%^^^&prio=3

rem Notify on certain users logging in
if /I "%1" == "Administrator" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL
if /I "%1" == "Backup" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL
if /I "%1" == "John" wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL

Scan uploaded files for viruses with AVG

This example illustrates how to use AVG to scan uploaded files for viruses. The script requires AVG to be installed.

Event in ProVide:

OnUploadEnd

Message in ProVide:

Closing data connection.%EXECUTE("C:\Scripts\Scan.cmd" "%LOCAL_FILENAME%")%

Contents of file "C:\Scripts\Scan.cmd":

@echo off
"C:\Program\AVG\AVG8\AVGSCANX.EXE" /HEUR /ARC /CLEAN /SCAN=%1

Create thumbnails of uploaded images

Event in ProVide:

OnUploadEnd

Message in ProVide:

Closing data connection.%EXECUTE("C:\Scripts\CreateThumbnail.cmd" "%LOCAL_FILENAME%")%

Contents of file "C:\Scripts\CreateThumbnail.cmd":

@echo off

rem Extract file information and remove quotes
set FILE=%1
for /f "useback tokens=*" %%a in ('%FILE%') do set FILE=%%~a
set EXT=
if /I "%FILE:~-4%" == ".jpg" set EXT=.jpg
if /I "%FILE:~-4%" == ".gif" set EXT=.gif
if /I "%FILE:~-4%" == ".tif" set EXT=.tif

rem Only create thumbnails from selected formats
if (%EXT%) == () exit 0

rem We know all accepted formats have 3 character extensions
set THUMBFILE=%FILE:~0,-4%-thumbnail%EXT%

rem Use ImageMagick to create thumbnails
convert "%FILE%" -resize 100x100 -quality 90 "%THUMBFILE%" >NUL

Automatically backup a file before it is to be overwritten

Event in ProVide:

OnUploadStart

Message in ProVide:

File status okay; about to open data connection.%EXECUTE("C:\Scripts\Backup.cmd" "%LOCAL_FILENAME%")%

Contents of file "C:\Scripts\Backup.cmd":

@echo off

rem Extract file information and remove quotes
set FILE=%1
for /f "useback tokens=*" %%a in ('%FILE%') do set FILE=%%~a

rem Perform the backup
copy /v /y "%FILE%" "%FILE%.bak" >NUL

Send email on FTP upload to a specific folder

This example illustrates how to send a mail notification after a file has been uploaded to a specific folder. It also does a virus scan before sending the mail. It uses a separate script to generate the email data. This is done to get correct linefeeds in the email format. It also acts as a template for the email.

Event in ProVide:

OnUploadEnd

Message in ProVide:

Closing data connection.%EXECUTE("C:\Scripts\MailOnUploadEnd.cmd" "%LOCAL_FILENAME%" "%FTP_FILENAME%")%

Contents of file "C:\Scripts\MailOnUploadEnd.cmd":

@echo off
REM Filenames may need special character codes.
chcp 1252

REM Virus scan the file, only send mail if the file still exists after the scan.
"C:\Program Files\AVG\AVG2012\AVGSCANX.EXE" /HEUR /ARC /CLEAN /TRASH /SCAN=%1

IF EXIST "%1" (
	REM Only send mail for a specific folder.
	SET FOLDER_FILTER=\Share this\
	SET FOLDER_UPLOAD=%~p2

	IF "%FOLDER_FILTER%"=="%FOLDER_UPLOAD%" (
		C:\Scripts\MailTemplate.cmd %2 | C:\Scripts\msmtp\msmtp.exe mailinglist@example.net
	)
)

Contents of file "C:\Scripts\MailTemplate.cmd":

@echo off

setlocal enableDelayedExpansion
set NL=^

REM Two empty lines required for newlines to work
echo SUBJECT:New file uploaded %~nx1!NL!
echo And here's a link to it.!NL!http://www.test.com/%~nx1!NL!
EndLocal

Proactive

The Proactive features essentially lets the server react to events before they happen.

Following a request to e.g. login or upload a file the server can for instance verify login or upload operations against external databases or check whether the user is permitted to upload a file of that specific type. We can for instance enforce that a specific user only be able to upload .doc-files.

In combination with the Reactive module we can script more advanced business applications rules verifying a user login against a SAP database and subsequently when the user is allowed to login, run scripts that execute financial reporting in SAP, directly posted and available to the specific user on the fly (reports are then automatically removed after logout).

Examples

Only allow login during office hours

Event in ProVide:

BeforeConnect

Script in ProVide:

C:\Scripts\OfficeHours.cmd

Error message in ProVide:

You're not allowed to login outside office hours.

Contents of file "C:\Scripts\OfficeHours.cmd":

@echo off

rem Extract current hour
for /f "tokens=1-2 delims=: " %%a in ('time/t') do (
  set hour=%%a
  set minute=%%b
)

rem Deny access outside office hours
if /I %hour% LSS 8 exit 1
if /I %hour% GEQ 18 exit 1

Only allow upload of specific file types

Event in ProVide:

BeforeUpload

Script in ProVide:

C:\Scripts\CheckFileType.cmd "%LOCAL_FILENAME%"

Error message in ProVide:

Access denied

Contents of file "C:\Scripts\CheckFileType.cmd":

@echo off

rem Extract file information and remove quotes
set FILE=%1
for /f "useback tokens=*" %%a in ('%FILE%') do set FILE=%%~a

rem Only allow uploading of certain file extensions
if /I "%FILE:~-4%" == ".jpg" exit 0
if /I "%FILE:~-4%" == ".gif" exit 0
if /I "%FILE:~-4%" == ".tif" exit 0
if /I "%FILE:~-4%" == ".pdf" exit 0
if /I "%FILE:~-4%" == ".php" exit 0
if /I "%FILE:~-4%" == ".css" exit 0

rem Nothing else is allowed
exit 1

Only allow SAP users to download SAP-documents

Event in ProVide:

BeforeDownload

Script in ProVide:

C:\Scripts\BusinessUser.cmd %USERNAME% "%LOCAL_FILENAME%"

Error message in ProVide:

Access denied

Contents of file "C:\Scripts\BusinessUser.cmd":

@echo off

rem Extract file information and remove quotes
set FILE=%2
for /f "useback tokens=*" %%a in ('%FILE%') do set FILE=%%~a

rem Allow access if not SAP document
if /I not "%FILE:~0,17%" == "C:\SAP Documents\" exit 0

rem Search for current user in the SAP database, we can ignore SQL injections since the user has logged in correctly
osql -d <database> -U <user> -P <pass> -Q "select 'ACCESS OK' from OUSR where USER_CODE='%1'" | find "ACCESS OK" >NUL

rem Deny access if user not in SAP database
if ERRORLEVEL 1 exit 1

rem All is OK
exit 0

Extreme login security using SMS audit

Event in ProVide:

BeforeLoggedIn

Script in ProVide:

C:\Scripts\SMSAudit.cmd %USERNAME% %IP%

Error message in ProVide:

Access denied

Contents of file "C:\Scripts\SMSAudit.cmd":

@echo off

rem Setup variables
set USER=<sms username>
set PASS=<sms password>

rem Url-encode question to be sent "Allow user to login: %1 (%2)?" set TEXT=Allow%%20user%%20to%%20login%%3A%%20%1%%20%%28%2%%29%%3F

set TO=555123456
set FROM=zFTPAudit
set PARAMS=acc=%USER%^^^&pass=%PASS%^^^&msg=%TEXT%^^^&to=%TO%^^^&from=%FROM%^^^&prio=3

rem Send question to administrator
wget --delete-after http://smsgateway/send.php?%PARAMS% >NUL

rem Wait for answer via SMS or timeout after two minutes
WaitForSMSOrTimeout.exe --timeout 120

rem Only allow login if no error level reported
if ERRORLEVEL 1 exit 1

rem All is OK, go ahead with login
exit 0

Control file types with PHP

This example shows how to restrict which file types users are allowed to work with by using php scripts. Descriptions for configuring each script is in the code comments.

PHP-Script "BeforeUpload.php":

<?PHP

/**
 * @author Photonensammler  
 */
//pass the username, and the extension of the file to upload
//check whether the upload of this filetype is allowed for user
//be passed as first Parameter the user name and as the 2nd Parameter the filename
//Usage example BeforeUpload.php Username Filename

/*
  command line in ZFTPServer event "BeforeUpload"
  "C:/PHP/php-win.exe" "C:/Program Files/ProVide/Scripts/BeforeUpload.php" "%USERNAME%" "%LOCAL_FILENAME%"
 */

/*
  for the user is evaluated the allowed file extension
  if the extension is listed in the array, for the user the upload of this filetype is allowed
  for users with the extension '*' is the upload of arbitrary files allowed
 */

$allow['User_1'] = array('txt'); //rights for user_1
$allow['User_2'] = array('txt', 'jpg', 'jpeg', 'pdf', 'wmv', ''); // rights for User_2
$allow['User_x'] = array('*'); //all rights for User_x
$allow['Administrator'] = array('*'); //all rights for Administrator

if (isset($_SERVER['argc']) && $_SERVER['argc'] > 2) {
  $user = $_SERVER['argv'][1]; //username
  if (isset($allow[$user])) {//test whether user exists
    if ($allow[$user][0] == '*') {
      die(0); //everything is allowed, exit with errorlevel 0
    } else {
      $ext = preg_split('/\./', $_SERVER['argv'][2]);
      if (count($ext) == 1) {
        $ext[1] = ''; //for files without extension
      }
      $ext = strtolower($ext[count($ext) - 1]);
      foreach ($allow[$user] as $test_ext) {
        if (strtolower($test_ext) == $ext) {
          die(0); //is allowed for this user, terminate with errorlevel 0 
        }
      }
    }
  }
}
die(1); //not allowed
?>

PHP-Script "BeforeRename.php":

<?PHP

/**
 * @author Photonensammler  
 */
//pass the username, and the extension of the old filename and the new filename to rename
//check whether the rename of this filetype is allowed for user
//be passed as first Parameter the user name, as the 2nd Parameter the old filename and as the 3td parameter the new filename
//Usage example BeforeRename.php Username Filenameold Filenamenew

/*
  command line in ZFTPServer event "BeforeRename"
  "C:/PHP/php-win.exe" "C:/Program Files/ProVide/Scripts/BeforeRename.php" "%USERNAME%" "%LOCAL_FILENAME%" "%LOCAL_FILENAME_NEW%"
 */
/*
  for the user is evaluated the allowed file extension
  if the extension is listed in the array, for the user the rename of this filetype is allowed
  for users with the extension '*' is the rename of arbitrary files allowed
 */

$allow['User_1'] = array('txt'); //rights for user_1
$allow['User_2'] = array('txt', 'jpg', 'jpeg', 'pdf', 'wmv', ''); // rights for User_2
$allow['User_x'] = array('*'); //all rights for User_x
$allow['Administrator'] = array('*'); //all rights for Administrator

if (isset($_SERVER['argc']) && $_SERVER['argc'] > 3) {
  $user = $_SERVER['argv'][1]; //username
  if (isset($allow[$user])) {//test whether user exists
    if ($allow[$user][0] == '*') {
      die(0); //everything is allowed, exit with errorlevel 0
    } else {
      $ext_old = preg_split('/\./', $_SERVER['argv'][2]);
      if (count($ext_old) == 1) {
        $ext_old[1] = ''; //for files without extension
      }
      $ext_new = preg_split('/\./', $_SERVER['argv'][3]);
      if (count($ext_new) == 1) {
        $ext_new[1] = ''; //for files without extension
      }
      $ext_old = strtolower($ext_old[count($ext_old) - 1]);
      $ext_new = strtolower($ext_new[count($ext_new) - 1]);
      foreach ($allow[$user] as $test_ext) {
        if (strtolower($test_ext) == $ext_old) {
          foreach ($allow[$user] as $test_ext) {
            if (strtolower($test_ext) == $ext_new) {
              die(0); //is allowed for this user, terminate with errorlevel 0 
            }
          }
          die(1); //not allowed
        }
      }
    }
  }
}
die(1); //not allowed
?>

PHP-Script "BeforeRemoveFile.php":

<?PHP

/**
 * @author Photonensammler  
 */
//pass the username, and the extension of the file to delete
//check whether the deleting of this filetype is allowed for user
//be passed as first Parameter the user name and as the 2nd Parameter the filename
//Usage example BeforeRemoveFile.php Username Filename

/*
  command line in ZFTPServer event "BeforeRemoveFile"
  "C:/PHP/php-win.exe" "C:/Program Files/ProVide/Scripts/BeforeRemoveFile.php" "%USERNAME%" "%LOCAL_FILENAME%"
 */

/*
  for the user is evaluated the allowed file extension
  if the extension is listed in the array, for the user the deleting of this filetype is allowed
  for users with the extension '*' is the deleting of arbitrary files allowed
 */

$allow['User_1'] = array('txt'); //rights for user_1
$allow['User_2'] = array('txt', 'jpg', 'jpeg', 'pdf', 'wmv', ''); // rights for User_2
$allow['User_x'] = array('*'); //all rights for User_x
$allow['Administrator'] = array('*'); //all rights for Administrator

if (isset($_SERVER['argc']) && $_SERVER['argc'] > 2) {
  $user = $_SERVER['argv'][1]; //username
  if (isset($allow[$user])) {//test whether user exists
    if ($allow[$user][0] == '*') {
      die(0); //everything is allowed, exit with errorlevel 0
    } else {
      $ext = preg_split('/\./', $_SERVER['argv'][2]);
      if (count($ext) == 1) {
        $ext[1] = ''; //for files without extension
      }
      $ext = strtolower($ext[count($ext) - 1]);
      foreach ($allow[$user] as $test_ext) {
        if (strtolower($test_ext) == $ext) {
          die(0); //is allowed for this user, terminate with errorlevel 0 
        }
      }
    }
  }
}
die(1); //not allowed
?>

PHP-Script "BeforeDownload.php":

<?PHP

/**
 * @author Photonensammler  
 */
//pass the username, and the extension of the file to download
//check whether the download of this filetype is allowed for user
//be passed as first Parameter the user name and as the 2nd Parameter the filename
//Usage example BeforeDownload.php Username Filename

/*
  command line in ZFTPServer event "BeforeDownload"
  "C:/PHP/php-win.exe" "C:/Program Files/ProVide/Scripts/BeforeDownload.php" "%USERNAME%" "%LOCAL_FILENAME%"
 */

/*
  for the user is evaluated the allowed file extension
  if the extension is listed in the array, for the user the download of this filetype is allowed
  for users with the extension '*' is the download of arbitrary files allowed
 */

$allow['User_1'] = array('txt'); //rights for user_1
$allow['User_2'] = array('txt', 'jpg', 'jpeg', 'pdf', 'wmv', ''); // rights for User_2
$allow['User_x'] = array('*'); //all rights for User_x
$allow['Administrator'] = array('*'); //all rights for Administrator

if (isset($_SERVER['argc']) && $_SERVER['argc'] > 2) {
  $user = $_SERVER['argv'][1]; //username
  if (isset($allow[$user])) {//test whether user exists
    if ($allow[$user][0] == '*') {
      die(0); //everything is allowed, exit with errorlevel 0
    } else {
      $ext = preg_split('/\./', $_SERVER['argv'][2]);
      if (count($ext) == 1) {
        $ext[1] = ''; //for files without extension
      }
      $ext = strtolower($ext[count($ext) - 1]);
      foreach ($allow[$user] as $test_ext) {
        if (strtolower($test_ext) == $ext) {
          die(0); //is allowed for this user, terminate with errorlevel 0 
        }
      }
    }
  }
}
die(1); //not allowed
?>

PHP-Script "BeforeCreateDirectory.php":

<?PHP

/**
 * @author Photonensammler  
 */
//pass the username, check whether the creation of Directorys is allowed for this user

/*
  command line in ZFTPServer event "BeforeCreateDirectory"
  "C:/PHP/php-win.exe" "C:/Program Files/ProVide/Scripts/BeforeCreateDirectory.php" "%USERNAME%"
 */

/*
  for the user is only evaluated '*', for users with '*' is the creation of Directorys allowed
  users without '*' dont have authorization to create Directorys
 */
$allow['User_1'] = ''; //no rights for user_1
$allow['User_2'] = ''; //no rights for User_2
$allow['User_x'] = '*'; //all rights for User_x
$allow['Administrator'] = '*'; //all rights for Administrator
//this is the compact code
die(isset($_SERVER['argc']) ? (isset($allow[$_SERVER['argv'][1]]) ? ($allow[$_SERVER['argv'][1]] == '*' ? 0 : 1) : 1) : 1);


/* This is the clear code
  if(!isset($_SERVER['argc'])){
  die(1); //errorlevel 1 -> called without parameters
  }
  $user=$_SERVER['argv'][1]; //username
  if(!isset($allow[$user])){//test whether user exists
  die(1); //no user
  }else{
  if($allow[$user]=='*'){
  die(0); //is allowed to exit with errorlevel 0
  }
  }
  die(1); //not allowed
 */
?>

PHP-Script "BeforeRemoveDirectory.php":

<?PHP
/**
 * @author Photonensammler  
 */
//pass the username, check whether the deletion of Directorys is allowed for this user

/*
  command line in ZFTPServer event "BeforeRemoveDirectorys"
  "C:/PHP/php-win.exe" "C:/Program Files/ProVide/Scripts/BeforeRemoveDirectory.php" "%USERNAME%"
 */

/*
  for the user is only evaluated '*', for users with '*' is the deletion of Directorys allowed
  users without '*' dont have authorization to delete Directorys
 */
$allow['User_1'] = ''; //no rights for user_1
$allow['User_2'] = ''; //no rights for User_2
$allow['User_x'] = '*'; //all rights for User_x
$allow['Administrator'] = '*'; //all rights for Administrator
//this is the compact code
die(isset($_SERVER['argc']) ? (isset($allow[$_SERVER['argv'][1]]) ? ($allow[$_SERVER['argv'][1]] == '*' ? 0 : 1) : 1) : 1);


/* This is the clear code
  if(!isset($_SERVER['argc'])){
  die(1); //errorlevel 1 -> called without parameters
  }
  $user=$_SERVER['argv'][1]; //username
  if(!isset($allow[$user])){//test whether user exists
  die(1); //no user
  }else{
  if($allow[$user]=='*'){
  die(0); //is allowed to exit with errorlevel 0
  }
  }
  die(1); //not allowed
 */
?>

Script submitted by Jörg Borch www.photonensammler.eu