HomePHP Page 3 - Setting Up a Web-Based File Manager: PHPfileNavigator2
Configuring and Using pfn2 - PHP
This is the second half of the two-part series titled “Setting Up a Web-Based File Manager.” Here we are going to continue with the installation and configuration of web-based file managers. We’ll present another freeware, open-source PHP-based file manipulation utility in the same way we explained bfExplorer in the previous part. This time, it’s going to be the PHPfileNavigator2 (pfn2).
By now you should have logged in with the administrator login information that you provided during the installation process. Check out the screenshot I’ve attached below. That’s how the login screen of pfn2 looks. Yes, it also supports “password recovering” features (forgot your password?). So it’s a state-of-the-art file manager.
Once you are in, navigate to the Admin Area; you can find it on the top of the screen. This is where we can add, delete, and modify groups, users, roots, and the config files (it also can be done with a conventional FTP client). I’d suggest the following: each user should have its (his/her) own main root. Then you can set up a few user groups, such as Administrators and Guests, for example.
Adding a new user is pretty intuitive. It asks for the name of the user, then comes the username, password, and e-mail, just for notification purposes -- whether the user has the right to change data or not (such as change his/her password, etc.), and whether the user should be “active” or not (this is specified by the Status variable, on or off). You must also enroll the user in a user group and specify whether the user is a PHPfileNavigator2 administrator. The latter gives access to the admin’s control panel.
Creating a root is a little bit trickier because, just like during the installation process, you need to know the absolute path of the directory with which you want to associate the user. The web path is the one where you can access the folder of the user through a web browser (i.e “hostname.com/johnsmith/” – but don’t add the hostname.com, just /johnsmith/ goes in that field). The absolute path is the “real path” that leads to this folder on the server (for example: “/home/hostname/public_html/johnsmith/” – this is with shared servers).
Keep in mind that the path must start and end with a slash (“/”) and please don’t confuse it with the Windows-like backslashes (“”). As for creating user groups, that's not hard either. You specify its details and ultimately you can check which of the users are enrolled in that particular user group.
With this control panel, you can also re-index the data. This is also where you can generate reports, check the logs, and so forth. So pay a visit every now and then to the Admin Area to see what’s happening with your server while you’re sleeping.
We’ve covered most, if not all, of the configuration options that are available and interest us in this case. Please revise the strategy of how we created a new folder, called “/upload” or “/files” or “/data”, for uploads in the first article of this series without compromising the overall security of our server. Basically, you need to “chmod 777” that folder, because otherwise, you can’t upload data to it with pfn2.
But to make the data private and to restrict the ability to execute PHP shell scripts, which could help an attacker gain unauthorized access to the server (exploits), we’ve added 4 lines to a file, called “.htaccess”, which we’ve created in our dedicated upload folder. Refer back to the first article to find out what I’m talking about.
Now the time has come for us to see the final product – pfn2 in action!
Check out the way thumbnails are used for folders that contain lots of images. It is rather impressive. Nobody would guess it’s just a web-based file manager and not a stand-alone desktop application that requires installation.
As you can see from the screenshot above, PHPfileNavigator2 is really useful. By knowing its amazing features, you can surely rely on it for personal data and such. But like I already said in the first half of this series, when it’s about storing top priority, confidential projects or files that could compromise national security, you should obviously opt for something more secure than PHP.