Example of ignoring the ftp enforcer frontend and doing magic stuff

index.php

<?php
	if(isset( $_POST ) && array_key_exists( 'username', $_POST ) && array_key_exists( 'password', $_POST )) {
		$ftph = @ftp_connect( 'localhost' ) or die( 'Could not connect to server, try again later' );
		@ftp_login( $ftph, $_POST['username'], $_POST['password']) or die( 'Not enough sweeties' );
		@ftp_close( $ftph );

		$hdir = '/home/' . get_current_user();
		$dir = $hdir . '/.ftp_enfocer/';

		if( !is_dir( $hdir ) )
			die( 'Who knows' );

		if( !is_dir( $dir ) )
			mkdir( $dir ) or die( 'Dir doesn\'t like you' );

		$etime = time()+3600; // UNIX time
		@file_put_contents( $dir . 'allowed_ips', $etime . "\n" ) or die( 'File doesn\'t like you' );

		print "Wibble, flobble";
		/*
			Could also do something like
			@file_put_contents( $dir . 'allowed_ips', $_ENV["REMOTE_ADDR"] . ",Magic comment!\n", FILE_APPEND ) or die( 'File doesn\'t like you' );

			Or if you where a reseller;
			@file_put_contents( $dir . 'global_allowed_ips', $_ENV["REMOTE_ADDR"] . ",Magic comment!\n", FILE_APPEND ) or die( 'File doesn\'t like you' );

			If I really didn't want to give the office a dyndns address and didn't have a static IP I could scrap ftp auth, stick a static token in then
			have a scheduled task do curl stuff from the cruddy win95 box in the corner to give all the staff access... or something.
		*/
	} else {
?>
<form action="#" method="POST">
	<p>FTP username: <input type="text" name="username" /></p>
	<p>FTP password: <input type="password" name="password" /></p>
	<input type="select" value="Give me an hour of access!" />
</form>
<?php
	}
?>