|
PHP - Execute Permission To Write? Really?
PHP is owner of image directory with "permissions 660." My script is: $imagePath = '../imageDirectory/'.gif'; $image = imagecreatefromstring(base64_decode($raw_image_data)); $rotate = imagerotate($image,-90,0); imagegif($rotate,'../imageDirectory/'.gif'); Is it because the imagerotate and imagegif functions need the execute requirements to be able to monkey with the image? Thank you.
Sub question (maybe more important than the first question): Thank you. Similar TutorialsI have use apache server with PHP installed on it,i created one directory through php coding it get created but it has permission ( drwxr-sr-x 3 www-data www-data 4096 Feb 26 04:54 Merchantid_30) my other directories has ubuntu:ubuntu permission, I want to write on my directory but www-data wont allow me to write on it,giving 777 permission through chmod is risky, can i create directory through php but its default permission is set to be ubuntu:ubuntu instead of www-data ? what changes i need to do in coding?
Maybe never mind. Just noticed ssphpd doesn't have a group... ps. do I have the umask part right? Edit 2. No, it didn't help... I have two users (ssphpd and apache) which will need to write files to a given directory and its subdirectories. My intent was to set them up with ssphd's group and use the setgid to make all future files and directories inherit that group. Not sure, but I don't think I have this right yet as I indicate at the end of this post. [michael@bb5 ~]$ sudo useradd -r ssphpd [michael@bb5 ~]$ sudo usermod -aG wheel ssphpd [michael@bb5 ~]$ sudo usermod -aG wireshark ssphpd [michael@bb5 ~]$ sudo usermod -aG ssphpd apache [michael@bb5 ~]$ groups apache apache : apache ssphpd [michael@bb5 ~]$ groups ssphpd ssphpd : ssphpd wheel wireshark [michael@bb5 ~]$ [michael@bb5 ~]$ sudo chmod g+rwx -R /var/www/~/storage [michael@bb5 ~]$ sudo chown michael.ssphpd -R /var/www/~/storage [michael@bb5 ~]$ sudo chmod g+s /var/www/~/storage My script to write this files is below:
public function setFile(array $file, string $nameAlias):void {
$path=$this->getPath($nameAlias, true);
$this->moveTo($file['tmp_name'], $path);
}
private function getPath(string $name, bool $create):string {
//$name is 20 characters
$p1=$this->uploadDirectory.'/'.substr($name,0,2);
$p2=$p1.'/'.substr($name,2,3);
$p3=$p2.'/'.substr($name,5,4);
$old_umask = umask(0);
if($create) {
if(!file_exists($p1)){mkdir($p1, 0775);}
if(!file_exists($p2)){mkdir($p2, 0775);}
if(!file_exists($p3)){mkdir($p3, 0775);}
}
umask($old_umask);
return $p3.'/'.substr($name,9);
}
private function moveTo(string $tmpname, string $path):void {
syslog(LOG_ERR, "attempting to move $tmpname to $path");
$uid = posix_getuid();
syslog(LOG_ERR, "user PHP is running as: $uid - ".posix_getpwuid($uid)['name']);
$gid = posix_getgid();
syslog(LOG_ERR, "group PHP is running as: $gid - ".posix_getpwuid($gid)['name']);
$this->test($tmpname);
$this->test(substr($path,0,-12));
syslog(LOG_ERR, move_uploaded_file($tmpname, $path)?'success':'failure');
}
private function test(string $file):void {
syslog(LOG_ERR, "$file is writable: ".(is_writable($file)?'yes':'no'));
$uid=fileowner($file);
syslog(LOG_ERR, "$file owner: $uid - ".posix_getpwuid($uid)['name']);
$gid=filegroup($file);
syslog(LOG_ERR, "$file group: $gid - ".posix_getpwuid($gid)['name']);
$perms=fileperms($file);
syslog(LOG_ERR, "$file permissions: $perms - ".$this->formatPerms($perms));
}
However, as seen, not only can only apache write files, the newly created directories are displaying apache's group instead of ssphp's group. Any ideas? Jun 06 19:40:29 bb5.net Server[8485]: attempting to move /tmp/DL_TS_6n0kmr to /var/www/dev/storage/uploads/45/699/ed6c/d15fd6959b6 Jun 06 19:40:29 bb5.net Server[8485]: user PHP is running as: 989 - ssphpd Jun 06 19:40:29 bb5.net Server[8485]: group PHP is running as: 986 - Jun 06 19:40:29 bb5.net Server[8485]: /tmp/DL_TS_6n0kmr is writable: yes Jun 06 19:40:29 bb5.net Server[8485]: /tmp/DL_TS_6n0kmr owner: 989 - ssphpd Jun 06 19:40:29 bb5.net Server[8485]: /tmp/DL_TS_6n0kmr group: 986 - Jun 06 19:40:29 bb5.net Server[8485]: /tmp/DL_TS_6n0kmr permissions: 33152 - rrw------- Jun 06 19:40:29 bb5.net Server[8485]: /var/www/dev/storage/uploads/45/699/ed6c is writable: yes Jun 06 19:40:29 bb5.net Server[8485]: /var/www/dev/storage/uploads/45/699/ed6c owner: 989 - ssphpd Jun 06 19:40:29 bb5.net Server[8485]: /var/www/dev/storage/uploads/45/699/ed6c group: 986 - Jun 06 19:40:29 bb5.net Server[8485]: /var/www/dev/storage/uploads/45/699/ed6c permissions: 16893 - drwxrwxr-x Jun 06 19:40:29 bb5.net Server[8485]: failure Jun 06 19:40:32 bb5.net Api[6981]: attempting to move /tmp/phpy1CRQR to /var/www/dev/storage/uploads/ec/911/7ab7/c73065bff0b Jun 06 19:40:32 bb5.net Api[6981]: user PHP is running as: 48 - apache Jun 06 19:40:32 bb5.net Api[6981]: group PHP is running as: 48 - apache Jun 06 19:40:32 bb5.net Api[6981]: /tmp/phpy1CRQR is writable: yes Jun 06 19:40:32 bb5.net Api[6981]: /tmp/phpy1CRQR owner: 48 - apache Jun 06 19:40:32 bb5.net Api[6981]: /tmp/phpy1CRQR group: 48 - apache Jun 06 19:40:32 bb5.net Api[6981]: /tmp/phpy1CRQR permissions: 33152 - rrw------- Jun 06 19:40:32 bb5.net Api[6981]: /var/www/dev/storage/uploads/ec/911/7ab7 is writable: yes Jun 06 19:40:32 bb5.net Api[6981]: /var/www/dev/storage/uploads/ec/911/7ab7 owner: 48 - apache Jun 06 19:40:32 bb5.net Api[6981]: /var/www/dev/storage/uploads/ec/911/7ab7 group: 48 - apache Jun 06 19:40:32 bb5.net Api[6981]: /var/www/dev/storage/uploads/ec/911/7ab7 permissions: 16893 - drwxrwxr-x Jun 06 19:40:32 bb5.net Api[6981]: success Edited June 6, 2019 by NotionCommotion I want to delete an image file from a folder using unlink. The code is : Code: [Select] $movie_id = $checkbox[$i]; $sql = "DELETE from movie_basic_details where `movie_id` = '$movie_id'"; $result = mysql_query($sql) or die(mysql_error()); $sql1 = "DELETE from movie_details where `movie_id` = '$movie_id'"; $result = mysql_query($sql1) or die(mysql_error()); $sql2 = "DELETE from movie_stars where `movie_id` = '$movie_id'"; $result = mysql_query($sql2) or die(mysql_error()); $query = "select movie_name from movie_basic_details where movie_id = '$movie_id'"; $res = mysql_query($query) or die(mysql_error()); $data = mysql_fetch_array($res); unlink("upload/movies/".$data['movie_name']); } The entries in the database have been deleted but only the image corresponds to that entry do not get deleted. The following warning comes up : Warning: unlink(upload/movies/) [function.unlink]: Permission denied in C:\wamp\www\ContentPanel\deletemovies.php on line 23 I have uploaded the files using $_FILES server variable and move_uploaded_file function. I am running this script on windows 7. Please Help. i have some questions on how folders and files permissions work. say i have users directories outside 'protected' as below.. Code: [Select] users -- usera -- docs -- userb -- docs protected i do not want user B who does not have the rights, to access anything in user A directories. also, i do not want any person to access the directories directory via url links. basically i just want users to be able to access their own directories, and no one else. how can it be done? thanks! Hello I built a component for a non-profit organisation which want to use the 404page to promote several charities. In order to do that I want to place a file 'error.php' in the map 'templates/system'. I use the RENAME function for that. So far so good. On many sites it works fine, but on other sites I get an error on the rename function. The user-id and the group-id of the script I use are the same as the uid's of 'templates/system'. So there shouldn't be a problem. If I add public write to the filepermissions of 'templates/system'/ with Filezilla the error disappears. But I can't do that with the php chmod function, again because of too less priviliges. HELP, I can't find an explanation for that and that's driving me crazy. thanks in advance Hi. I'm trying to make my folder management tool able to remove stuff. Problem is, I get permission denied.
I've checked the NFTS perms for the share and for the folder. It's also not read only. I logged into my other workstation as the service account the web server is using and opened a DOS window and did "rd \\server\share\folder" and it removed it no problem. It just fails in PHP. Any idea what I should be looking at? Thanks!
Edited by Strahan, 02 August 2014 - 05:06 PM. this script is supposed to save my $csvfile to a .sql file name $ouputfile into a folder called files/ $csvfile = $_FILES['file']['name']; //form from another folder $save = 1; $outputfile = "output.sql"; here is the save script if($save) { chmod($csvfile, 0777); if(!is_writable($outputfile)) { echo "File is not writable, check permissions.\n"; //when i execute this script, it goes in here } else { $file2 = fopen($outputfile,"w"); if(!$file2) { echo "Error writing to the output file.\n"; } else { fwrite($file2,$queries); fclose($file2); } } i want that when someone post some comment on post that don't insert in table directly before inserting i can check and after approving then insert in table for which what i doo ?any IDea about this Im in the process of setting up a social media site , Just switched from basic hosting to Dedicated Server Everything was working till i switched . I have a basic join forum and email activation , On the register.php file it tell script to make a directory mkdir into member/folder like this below, But it will make the folder for the id of that user but will not let them upload any images?. At first it wouldnt even make a folder but i found out it was a permissions issue with my server i fixed it , im guessing the upload is also a permission's issue ? But the script automaticly make the members/"$id" folder and i dont know how to set permission for auto create folder that if i even have to ? so confused. (BEGGGGINGG !! FORRRRR HELPPPPPPPPPPPPPPPPPPPP! Im running a dedicated server with godaddy, On centOs w/ Plesk Panel 9.3.0 ------------------------------------------------------------------------------------------- $id = mysql_insert_id(); // Create directory(folder) to hold each user's files(pics, MP3s, etc.) mkdir("members/$id", 0755); Hmm, hello everyone, i'm running my php in an ubuntu server and I'm trying to run a command using exec (i.e. 'echo 1 > /var/www/test.txt') but I always get a permission denied issue, although i've already changed the permissions to 777 (read-write-execute) Any solution? I have started a project using laravel. I am in the process of builing User groups and permissions in the admin dashboard.
I have uploaded a snapshot of my views to which i want to restrict access. i want to structure it to be completely dynamic
views.PNG 9.41KB
0 downloads
I am trying to run the following code to upload a file. (WAMP using Win XP). Once I select the file and click submit I get the error: "Forbidden... You don't have permission to access /< on this server." with URL http://localhost/<?=$PHP_SELF?> Code is below: <form action="<?=$PHP_SELF?>" method="post" enctype="multipart/form-data"> <br/><br/> Choose a file to upload:<br/> <input type="file" name="upload_file"> <br/> <input type="submit" name="submit" value="submit"> </form> TIA So i am on a shared host and it seems that only 777 allows me to upload images on a certain folder , not 755 , just 777... is it because of the shared host or thats how it works? PS: i really didnt know where to post it so if a mod can move it , i'd appreciate it. I am getting this error Warning: ftp_put() [function.ftp-put]: Can't open that file: Permission denied in /home/chris/public_html/site-name/wp-content/setup.php on line 62 Code: [Select] $conn_id = ftp_connect($host, 21) or die ("Cannot connect to host"); ftp_login($conn_id, $usr, $pwd) or die("Cannot login"); // turn on passive mode transfers (some servers need this) // ftp_pasv ($conn_id, true); $upload = ftp_put($conn_id, $file[0], $file[1], FTP_ASCII); print (!$upload) ? die('Cannot upload') : 'Upload complete'; print "\n"; The permissions to the file is 0644, if I change it to 0777 ftp_put complains and says the file is not found. How can I ftp this file? What is going on? Thanks, Chris Hi. I'm using SimpleImage.php to do some basic image manipulation. The code is here http://www.white-hat-web-design.co.uk/articles/php-image-resizing.php, but I don't think all the details are important. Basically, I'm trying to read and image and save it with a different name. I'm really new with this stuff, so it's probably something simple. Anyway, here is the code throwing the error, $image_info = getimagesize($filename); where $filename is a string containing the path to the image I want to load, e.g. $filename="images/picture.jpg"; It's throwing a "Read Error!" I know that the path is correct. In fact I first check if the file is there using is_file($filename); and it returns true. I'm guessing that maybe php does not have "permission" to read this file. The permissions for the file are -rw-r--r-- 1 www-data www-data 80211 2011-04-20 16:19 picture.jpg Looks like everyone has "read" permission, so I don't see what the problem is. Also, the permissions of the folder and all parent folders are 777. Not sure what the problem is. I might be way off by guessing that it is a permissions problem. Any help would be great. Thanks. Also, I was wondering if there is a way for this forum to email me whenever there is a reply to my posts. I can't seem to find the option anywhere. Hi, On login page load, (even before submitting user name and pass) Debugger finds "permission denied error", can see it he goldpharm.co.il/authentication.php Now, when a user submit's user name and pass, nothing happens, it stays on the login page. I am not sure in what code the bug is , can you tell by the bug error in this page: goldpharm.co.il/authentication.php ? and how can it be fixed? , should I post the code? Thanks. Hi I have an image uploading script that won't upload images... It worked at one point when i had folder permission at 0777 but i was told that is risky so i changed it to 0775 Now it won't work and i can't use 0777. Any one know what i need to do to get it to work? This is my script: Code: [Select] <?php $salt = 35322232414; $name = $salt.$safe; $name = md5($name); if(isset($_POST['submit'])){ if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 1000000)) { if ($_FILES["file"]["error"] > 0) { echo $_FILES["file"]["error"]; } else { $filename = md5(serverdate()) . $_FILES["file"]["name"]; if (file_exists("userimages/".$name."/".$filename)) { echo "Image already uploaded!"; } else { if (is_dir("userimages/".$name) == FALSE){ mkdir("userimages/".$name, 0775); //permissions } move_uploaded_file($_FILES["file"]["tmp_name"], "userimages/".$name."/" . $filename); echo "Image has been uploaded!"; } Error i get: Quote Warning: move_uploaded_file(images/73640de25b7d656733ce2f808a330f18/7fc9cb9cf5ae1f7a5dd9105d3f9559fb_63.jpg) [function.move-uploaded-file]: failed to open stream: Permission denied in uploadfile.php on line 41 Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/phpjrX3SO' to 'images/73640de25b7d656733ce2f808a330f18/7fc9cb9cf5ae1f7a5dd9105d3f9559fb_63.jpg' in uploadfile.php on line 4 Hello, I've been assigned the task of creating an internal site for our office that has links to all the websites we use as well as the applications we use. I'm very comfortable using php with mysql for handling forms and displaying database information but I'm not sure how to go about this. So my question is, is there anyway I can use php to open an exe file? Hi Guys, I have the following script which works fine for GoogleMaps Code: [Select] <?php require'EasyGoogleMap.class.php'; $gm = & new EasyGoogleMap("rYvyXhRFPYW5tkV_IE5hWxecUidHAYjJhBSp59xzQuNZcoxNYCiaum4_Xb66Fw"); $gm->SetMarkerIconStyle('STAR'); $gm->SetMapZoom(10); $gm->SetAddress("10 market st, san francisco"); $gm->SetInfoWindowText("This is the address # 1."); $gm->SetAddress("Manila, Philippines"); $gm->SetInfoWindowText("This is Philippine Country."); $gm->SetSideClick('Philippines'); ?> <html> <head> <title>EasyGoogleMap</title> <?php echo $gm->GmapsKey(); ?> </head> <body> <?php echo $gm->MapHolder(); ?> <?php echo $gm->InitJs(); ?> <?php echo $gm->GetSideClick(); ?> <?php echo $gm->UnloadMap(); ?> </body> </html> I've now coded that static page to take the following, and within the GoogleMaps database field entered in exactly the following $gm->SetAddress("10 market st, san francisco"); $gm->SetInfoWindowText("This is the address # 1."); $gm->SetAddress("Manila, Philippines"); $gm->SetInfoWindowText("This is Philippine Country."); $gm->SetSideClick('Philippines'); Code: [Select] <?php $maps_find = $OO_Open->newFindCommand('Maps'); $maps_find->AddFindCriterion('AccountName','xx'); $maps_result = $maps_find->execute(); $maps_row = current($maps_result->getRecords()); $Gdata = $maps_row->getField('GoogleMaps'); //echo $Gdata; //exit; ?> <?php require'EasyGoogleMap.class.php'; $gm = & new EasyGoogleMap("my key"); $gm->SetMarkerIconStyle('GT_FLAT'); $gm->SetMapZoom(10); $gm->SetMapWidth(1080); # default = 300 $gm->SetMapHeight(550); # default = 300 echo $maps_row->getField('GoogleMaps'); //eval("\$Gdata = \"$Gdata\";"); ?> <html> <head> <title>EasyGoogleMap</title> <?php echo $gm->GmapsKey(); ?> </head> <body> <?php echo $gm->MapHolder(); ?> <?php echo $gm->InitJs(); ?> <?php echo $gm->GetSideClick(); ?> <?php echo $gm->UnloadMap(); ?> </body> </html> Is there way of getting the $maps_row->getField('GoogleMaps'); command to behave as if it was php (when I echo it, it does display the code as text). I'm not using the FileMaker db to store the code, I thought eval function was the answer but not had much luck. Many Thanks for the advice Jalz hi, I am having problems setting a session from a SQL query, please help... here is my code: Code: [Select] $query1 = "SELECT * FROM members_copy WHERE rsUser = '$username' AND rsPass = '$password'"; $result1 = mysql_query($query1); echo "<br>".$result1['USERID']; $_SESSION['s_logged_n'] = 'true'; $_SESSION['s_username'] = $username; $_SESSION['USERID']=$result1['USERID']; $_SESSION['RSTOWN']=$result1['RSTOWN']; $_SESSION['RSEMAIL']=$result1['RSEMAIL']; $_SESSION['RSUSER']=$result1['RSUSER']; no sessions are currently being set?! |
|||||||