This open source utility allows to upload / download via HTTP IFS stream files to / from
an iSeries server.
The utility is authored by
Giovanni B. Perotti, Italy.
1. Installation
|
Download
Download it from the Easy400 site. Registration is required.
Prerequisites
- OS/400 V5R1 or subsequent
- Library QHTTPSVR (product 5722DG1)
- RPG-ILE compiler (just for the installation)
Installation procedure
- unzip the fupload.zip file you have downloaded.
It contains a readme.txt instructions file and file
fupload.savf
- crtsavf qgpl/fupload
- use FTP to load PC file fupload.savf
into save file qgpl/fupload
- rstlib fupload *savf savf(qgpl/fupload)
- to complete the installation, run the following
REXX procedure:
strrexprc srcmbr(install) srcfile(fupload/qrexsrc)
This procedures performs the following
- compiles modules, creates programs
- restores directory /fupload
- runs command fupload/httpcfg
to install HTTP directives.
User can choose
between traditional HTTP directives and Apache
directives.
HTTP directives are automatically installed.
Apache directives require the following command
be run:
cpyf fromfile(fupload/qatmhinstc) tofile(qusrsys/qatmhinstc)
frommbr(fuploadapa) tombr(fuploadapa)
mbropt(*replace) crtfile(*yes)
- To enable the HTTP server
- if you decided to install the traditional
HTTP directives
strtcpsvr server(*http) restart(*http) httpsvr(default)
- if you decided to install the Apache
HTTP directives
strtcpsvr server(*http) httpsvr(fuploadapa)
|
2. Restrictions
|
- For the file upload, the total size of the inputs (input variables and
file to be uploaded) should not exceed 16 Mb
(16,776,704 byte). See
IBM iSeries Information Center.
- No file size restrictions for the file download CGI.
No enabling HTTP directives needed to access the
the stream files to be downloaded. Just read access rights required.
Open a separate window
to display the ILE-RPG source of the download CGI
fdnload.
|
3. Operation
|
- If you decided to install the traditional
HTTP directives, from your browser run
-
http://yourTcpAddr/fuploadh/doc.mbr
to display the documentation
-
http://yourTcpAddr/fuploadp/fupload.cgi
to run the upload utility
-
http://yourTcpAddr/fuploadp/fdnload.cgi
to run the download utility
- If you decided to install the Apache
HTTP directives, from your browser run
-
http://yourTcpAddr:8027/fuploadh/doc.mbr
to display the documentation
-
http://yourTcpAddr:8027/fuploadp/fupload.cgi
to run the upload utility
-
http://yourTcpAddr:8027/fuploadp/fdnload.cgi
to run the download utility
- The upload utility displays a page where you are requested to
enter
- the target IFS file (path and name)
- some comment
- the file on your PC that you want to upload
(use of the Browse button is recommended)
See figure 1 .
- as a result of your request, the file is uploaded,
see figure 2 ,
provided that user profile QTMHHTP1 is authorized
to the target directory.
|
4. Customization of the Upload utility
|
Some experience with ILE-RPG and
cgidev2
WEB programming is required.
Open a separate window
to display the ILE-RPG source of the upload CGI
fupload.
The better understand how the program works
- set variable DetailSW
to a non blank value:
29.00 D DetailSW s 1a inz('x') |
- recreate the program via command
fupload/compile
Now, when you run it, the HTML response shows some detail
information used by the program to perform the operation. See
figure 3.
Some comments on program execution.
It goes through the following steps:
- Retrieves the length of the input buffer.
If length is zero, it issues the page asking for input data.
If length not zero, it should process the upload request.
We shall deal with this case (PART 2).
- Allocates an amount of storage equal to the length
of the input buffer
- Calls the "standard input" API to receive the input buffer
in the allocated storage
- Converts a maximum of 1,000 initial input ASCII characters
to EBCDIC. This is important, as the control parameters
are expected in the first 1,000 initial characters
(this is why the file to be uploaded was the last input
field in the form used to launch the upload request)
- If requested so by the DetailSW,
it displays some data (the first 1,000 chars
and the MIME headers falling in this string) in the
response HTML page.
- Retrieves all the parameters which are needed for the
upload. This is a very important part, that you
must customize any time you need to add or change input
parameters. The following parameters are retrieved:
- Path and name of the local file ("FileName").
This will just be reported in the HTML response page.
- Type of the local file ("FileType").
This will just be reported in the HTML response page.
- Start position (in the buffer) of the local file to be uploaded
("StrPos").
This is a vital piece of information.
- Size of the local file to be uploaded
("FileSize").
This is a vital piece of information.
- Path and name of the server IFS file to be created
("ServerFile").
This is a vital piece of information.
- Description
("Description").
This parameter is just provided to teach how to handle
parameters added for program customization.
- Makes sure that the target directory ("ServerDir", the IFS directory
where the local file should be uploaded) exists
- Performs the upload (routine "WrtDta").
This is done through the following steps:
- Delete the server file, if already existing
- Open the server file for output
- Write to the file the string in the input buffer
containing the local file to be uploaded
- Close the server file
- Report the outcome of the operation in the response HTML page.
|
5. Protection
|
Most likely you will need to protect your file upload / download
service, in such a way that only authorized users may access it.
We have already provided for some basic protection,
based on the validation list "fupload/fupload".
Should you feel unconfortable with validation lists
for protecting sensitive programs, may we recommend that you take a look at
a very popular Easy400 delivery: WEB protection Made Easy.
Here is how you can easily take advantage of the existing
protection set up:
- create the following user profile:
crtusrprf usrprf(fupload) inlmnu(*signoff)
text('To implement file upload protection') aut(*use)
- enable HTTP protection directives
- If you are using the traditional HTTP server, uncomment
the following HTTP directives for FUPLOAD:
#Protection fupload {
# PasswdFile FUPLOAD/FUPLOAD
# ACLOverride Off
# PostMask All
# GetMask All
# AuthType Basic
# ServerID FILE_UPLOAD
# UserID FUPLOAD
#}
#Protect /fuploadp/fupload.* fupload
|
- If you are using the Apache HTTP server, uncomment
the following HTTP directives for FUPLOAD:
#<Location /fuploadp/fupload.*>
# AuthType Basic
# AuthName FILE_UPLOAD
# PasswdFile FUPLOAD/FUPLOAD
# UserID FUPLOAD
# Require valid-user
#</Location>
|
- Validation list fupload/fupload is delivered
with a single entry:
user name: |
fred |
password: |
fred |
You may want to take advantage of this
to test our basic protection.
- use command "fupload/wrkvldle"
to maintain the validation list
"fupload/fupload":
Wrk with a vldl entry (WRKVLDLE)
Type choices, press Enter.
action . . . . . . . . . . . . . *ADD, *CHG, *RMV
user name for logon . . . . . .
password for logon . . . . . . .
'user full name' . . . . . . . .
validation list . . . . . . . . FUPLOAD Name
library . . . . . . . . . . . FUPLOAD Name, *LIBL, *CURLIB
|
This command also maintains database file
"fupload/users".
- If you want to create a customized tool for maintaining
authorized users:
- review ILE-RPG module
"wrkvldle"
- note that program
"fupload"
retrieves the logged-in user name in variable
"UserName".
- program
"fupload"
can be added a routine to make sure that the logged-in user ("UserName")
is authorized to the IFS target
directory (variable "ServerDir")
|
|