grmpfl! permission hell on shared webspace..

hi,

i hope someone can help me, could not find an helpfull answear in other places - not even on php.net .

i have a folder /images/ (owner "web66", 777), and i want to create new folders inside and upload pictures into this new folders via php - thats all! currently it looks like its easier to fly to the moon and back than creating a folder with different permissions on a shared webserver.

here is my code to create and upload files:

		
<?php

if(!file_exists($uploaddir)) {
	mkdir($uploaddir, 0777);
	chown($uploaddir, "web66");
}
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
...
?>

Code (markup):

and here is what i get:

Warning: chown(): Operation not permitted in /home/www/web66/html/test.php on line 45

Warning: move_uploaded_file(): SAFE MODE Restriction in effect. The script whose uid is 746 is not allowed to access /home/www/web66/html/images/tmp_testdir owned by uid 33 in /home/www/web66/html/test.php on line 47

any ideas...?

 

"When safe_mode is on, PHP checks to see if the owner of the current script matches the owner of the file to be operated on by a file function or its directory"

Maybe you need to make sure that the folders are owned by web66 as well

 

BTW, I'm not 100% sure but I think outputting the process UID in a warning message is a security hazard?

Frankcow's right, sometimes shared hosts use "root" as the owner of almost everything. If this is the case, asking them to change the folder's owner to you should be a reasonable request.

 

I've also run into the seriously annoying problem of a host using 'nobody' as the owner of any files or folders uploaded by a script

 

thats exactly my problem: if i create the same folder with my ftp program everything is ok, but if i use mkdir() i have "wwwrun" as owner and cant use this folder.

 

you may need to contact your host about the issue

 

your hint with the ftp-user pointed me to the right direction, so here the magic code:

function ftp_chmod($ftpstream,$chmod,$file)  {
       //you dont need this at php5, only at php4 
       $old=error_reporting();//save old
       error_reporting(0);//set to none
       $result=ftp_site($ftpstream, "CHMOD ".$chmod." ".$file);
       error_reporting($old);//reset to old
       return $result;//will result TRUE or FALSE
}

//create a directory with correct permissions and ftp-user:

function ftp_pimpmydir($dirname) {
	$dirname = "html/images/".$dirname; //just to start at the right place
	$host = "127.0.0.1";
	$user = "your username";
	$pass = "your supersecret password";
	$conn_id = ftp_connect($host);
	$login_result = ftp_login($conn_id, $user, $pass);
	if ((!$conn_id) || (!$login_result)) {
                //insert some panic-text here
		die; 
	}
    ftp_mkdir($conn_id, $folder);
    ftp_chmod($conn_id, 666, $dirname); // read&write for everyone!
    ftp_quit($conn_id); // i saved the day once again!
}

PHP:

damn, i'm good!

 

where'd you find the code? or did you code it?

 

got the ftp_chmod() function for php4 from php.net, i just did the kwality code for ftp_pimpmydir()