0

Right now I have a website set up that links to scripts on the LAN that allow me to install the many network printers that I manage. Basically it's just a HTML page that, very insecurely, points to a script on another part of the lan that installs it as a TCP/IP printer on the local machine.

<a href="file://server/prnt/HP3200.bat>HP 3200 (room C204)</a>
<a href="file://server/prnt/HP3200.bat>HP 3200 (room C206)</a>
<a href="file://server/prnt/DELL1500.bat>DELL 1500</a>
<a href="file://server/prnt/TOS120.bat>Toshiba 120</a>

Does anyone know how I could make this more secure and efficient? The Linux server also hosts PHP pages so Server Side Scripting would not be an issue. There has to be a better way for the website to manage the many IP's, Names and Drivers of the printers. I would prefer if the website could actually install the printer somehow, instead of showing the ugly DOS window to inexperienced PC users while it grabs the .inf driver file and adds the printer.

Johannes Kuhn
  • 14,778
  • 4
  • 49
  • 73
CoderWalker
  • 299
  • 4
  • 14

1 Answers1

1

This really isn't something that you can do with PHP. Everything PHP executes on the server itself, so it can't do anything on behalf of the user in the way you want it to I think. Javascript isn't an option as well due to security limitations that it has (It would be a VERY VERY bad thing if javascript could change these types of settings and execute code like that).

What you are doing is pretty much as easy as it gets, short of running an SOE and having an app written to do what you want. I would suggest if you are worried about the way that these .bat scripts LOOK, pop into the code and make them more appealing - or make them look more 'techy'. What you currently have is a clean, simple and effective way of adding a printer to a PC.

Edit: The application was probably an msi snapin. That will be some significant coding though, all the more so if you aren't familiar with windows programming.

Edit 2: On re-reading your comment, you can do something like this:

Make a .VBS file with something along these lines in it:

Set WshShell = CreateObject("WScript.Shell")
WshShell.Run chr(34) & "C:\Batch Files\syncfiles.bat" & Chr(34), 0
Set WshShell = Nothing

Have your webpage point to these VBS files rather than the bat files. All this will do is open the bat file in the background. Note that bat files can post important information in the text - such as "Install Successful" or "Install Failed". If you run everything invisibly, your user can't really tell if things worked.

Fluffeh
  • 33,228
  • 16
  • 67
  • 80
  • Thanks for the comment. We switched from a system called "Novell iPrint". With iPrint you visited the iPrint webpage, clicked on the printer, and it grabbed the driver, installed the printer, set it as default. You were right they used a Client side iPrint program. Thanks – CoderWalker Aug 09 '12 at 01:17