README for Cwfm - Comet WebFileManager V0.9.1

Overview

Cwfm is a web file manager. 

I started this project to solve a typical 'intranet problem'. Non-skilled
users want to exchange files from servers connected by wan or Internet link.
Ftp is not suitable for this task 'cause its scarce user-friendlyness. 
Normal smb connections are impraticable over Internet due to security problems
and slowness. The users are generally already able to use a web browser. 
All these considerations have carried me to one direction: a web application 
reachable from everywhere with the http protocol. Of course I started with 
security in mind. If anyone can connect to your server disks it's important 
to avoid any possible unauthorized access. Cwfm is constituted by a set of php 
scripts that perform user authentication (using php sessions) and a subset of 
a typical file manager features.

Please note that Cwfm can be used to access any area of your filesystem, as
long you give right file and directory permissions.

User authentication in the Login window does not trasmit username or password
in cleartext. Md5 hashing with server challenge-response is performed directly 
by the browser before transmitting any data. So a SSL connection is not needed 
in order to prevent password sniffing. Due to challenge-response, it's not
possible to replay login session, preventing unauthorized access.

Browser compatibility

When I started this project I hoped to make it compatible with all browsers. 
Soon I had to abandon Netscape 4.xx compatibility due to poor implementation of
css. Now the supported browsers are: Netscape starting from version 6, 
InternetExplorer starting from version 5.0 (please see file Ie55.Is.Bugged for 
exception to this), Mozilla starting from version 0.94, Mozilla engine based 
browsers.


No db required

From the beginning I wanted not to use any db engine if not absolutely required.
This choice may negatively impact on performances when many file descriptions 
are stored. If this will become a performance problem I'll consider the use of 
MySql.


Disclaimer

The software is provided as is. Please bear in mind that I have done this in 
my spare time. While it is as accurate as I could make it there is a reasonable 
chance that there are mistakes somewhere in here. If you email and tell me 
about them I will be happy to fix them but I can't take responsibility for 
your system. Basically use this at your own risk.


Copyright

Cwfm - WebFileManager (c)2001-2002 Vincenzo Valvano - vival@cometweb.it
    
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
by the Free Software Foundation; either version 2, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
				    
Product names and various content (including but not limited to audio,
video, and graphics) are trademarks of their respective owner.
