As Neil noted, SFTP is slated for a future version of LiveCode, and is not currently supported directly. It can be accomplished by calling curl or wget on desktop systems, but I don't believe those utilities are included by default on most mobile devices (someone please correct me if that's not true).
But whether done through curl or in LiveCode itself when it gets implemented, SFTP is of limited value. It can be a very good choice when making workgroup support apps in which you want to provide general access to a server's files among trusted team members, but is often less efficient and usually less secure than alternatives for simply posting a single file to the server.
The security concern is that SFTP requires embedding the server's FTP account password in the script. While the transaction is of course encrypted over the wire (the "S" in "SFTP"), local on-device probing can conceivably retrieve the password info from RAM before it goes out. Once something as powerful as a site's password has been obtained, everything on the server, and everything that contacts the server, is at risk. Never underestimate the ingenuity of hackers: never embed passwords in anything distributed to the pubic.
The more common solution is not only more secure, but often simpler to implement on the client side: set up the server with a CGI script to receive the file, and on the client use POST over HTTP to send the file.
This obviates the need for embedded passwords, and limits the interaction to do only what you want, without the possibility of using the FTP connection for any other, perhaps undesirable, actions.
There are numerous CGI example scripts for simple file reception in PHP all over the Web, and a few for LiveCode Server in our community.
Here's one:
http://lessons.runrev.com/m/4070/l/4070 ... ode-server
