Some people who are trying to install and use the SEO-Bookshop-Addon I posted here are running into problems owing to php scripts in their directory system not being allowed to open files in those subdirectories for writing, or to create further subdirectories.

I am apparently pretty naive. I assumed that if one could run php at all on one's host's server--that is, as a part of one's hosted web site--then one could do pretty much anything with such scripts, at least so long as one was working within one's own directories (the site's root directory and subdirectoires thereof).

Assuming Apache server software (which the package requires anyway), what are folks likely to need to do to use php scripts that want to make new subdirectories and/or to make or append to files in those subdirectories?

This all seems very weird to me and I don't know what to tell those folks . .. .

I really need help here a.s.a.p. Thanks!

If you are running it from a web browser, the "user" that the web server is running as would need access (for example the user is httpd on my servers). Or, if it doesn't need to be run from a web browser, the new versions of PHP allow you to run the script from a shell (if you have shell access). Then it would run as you.

- Shawn

After a particularly gruesome many hours spent Googling up information on this matter, I have come to what I think is some understanding of this matter. If anyone knows better about what I have to say, please do post it.

Apache server software runs php as a module. When php is run in "safe mode", files cannot be handled save by their owner. That is not exactly a radical conception, but the trick is this: the module running php scripts is not the user who uploaded the scripts to the server--it is the Apache php module, which is more or less literally "nobody". So you upload a php script with the naive expectation that because you uploaded it to your directories, it will have your read/write/execute privileges in your directories: ha! Not so. Gotcha!

Your uploaded php script will have only the rwx privileges that the world at large has, no more, because it is "nobody" to the operating system--the Apache php module is not "you".

The web is chock-full of bemused or angry (or both) users crying out for "workarounds" for this bizarre situation. In this corner, in the black trunks with the purple stripe, are all the ISP operators to whom it is an article of faith that without safe mode on, Satan will seize their servers wholesale in 37 milliseconds. In this corner, in the white trunks with the gold stripe, are the apparently quite knowledgeable large minority who see "safe mode" as a joke, and a feeble one at that, on the ground--I simplify much here--that any malicious sprite who could do X were safe mode off could do X with exactly as much ease with safe mode on. In other words, "safe mode" only "protects" the system against honest users trying to do simple, honest things they should have every right to do, and has roughly zero use in blocking serious malefactors.

That is one non-expert's opinion, but one I think hard come by and very likely correct. And one certainly shared by some apparently expert others.

Just posted a comprensive reply to this on another thread.

http://forums.digitalpoint.com/showthread.php?t=916