1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

grmpfl! permission hell on shared webspace..

Discussion in 'PHP' started by falcondriver, Mar 20, 2006.

  1. #1
    hi,

    i hope someone can help me, could not find an helpfull answear in other places - not even on php.net .

    i have a folder /images/ (owner "web66", 777), and i want to create new folders inside and upload pictures into this new folders via php - thats all! currently it looks like its easier to fly to the moon and back than creating a folder with different permissions on a shared webserver.

    here is my code to create and upload files:

    		
    <?php
    
    if(!file_exists($uploaddir)) {
    	mkdir($uploaddir, 0777);
    	chown($uploaddir, "web66");
    }
    if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile))
    ...
    ?>
    
    Code (markup):
    and here is what i get:

    Warning: chown(): Operation not permitted in /home/www/web66/html/test.php on line 45

    Warning: move_uploaded_file(): SAFE MODE Restriction in effect. The script whose uid is 746 is not allowed to access /home/www/web66/html/images/tmp_testdir owned by uid 33 in /home/www/web66/html/test.php on line 47

    any ideas...?
    SEMrush
     
    falcondriver, Mar 20, 2006 IP
    SEMrush
  2. frankcow

    frankcow Well-Known Member

    Messages:
    4,860
    Likes Received:
    264
    Best Answers:
    0
    Trophy Points:
    180
    #2
    "When safe_mode is on, PHP checks to see if the owner of the current script matches the owner of the file to be operated on by a file function or its directory"

    Maybe you need to make sure that the folders are owned by web66 as well
     
    frankcow, Mar 20, 2006 IP
  3. sketch

    sketch Well-Known Member

    Messages:
    898
    Likes Received:
    26
    Best Answers:
    0
    Trophy Points:
    148
    #3
    BTW, I'm not 100% sure but I think outputting the process UID in a warning message is a security hazard?

    Frankcow's right, sometimes shared hosts use "root" as the owner of almost everything. If this is the case, asking them to change the folder's owner to you should be a reasonable request.
     
    sketch, Mar 20, 2006 IP
  4. frankcow

    frankcow Well-Known Member

    Messages:
    4,860
    Likes Received:
    264
    Best Answers:
    0
    Trophy Points:
    180
    #4
    I've also run into the seriously annoying problem of a host using 'nobody' as the owner of any files or folders uploaded by a script
     
    frankcow, Mar 20, 2006 IP
  5. falcondriver

    falcondriver Well-Known Member

    Messages:
    963
    Likes Received:
    47
    Best Answers:
    0
    Trophy Points:
    145
    #5
    thats exactly my problem: if i create the same folder with my ftp program everything is ok, but if i use mkdir() i have "wwwrun" as owner and cant use this folder.
     
    falcondriver, Mar 20, 2006 IP
  6. frankcow

    frankcow Well-Known Member

    Messages:
    4,860
    Likes Received:
    264
    Best Answers:
    0
    Trophy Points:
    180
    #6
    you may need to contact your host about the issue
     
    frankcow, Mar 20, 2006 IP
  7. falcondriver

    falcondriver Well-Known Member

    Messages:
    963
    Likes Received:
    47
    Best Answers:
    0
    Trophy Points:
    145
    #7
    your hint with the ftp-user pointed me to the right direction, so here the magic code:

    
    function ftp_chmod($ftpstream,$chmod,$file)  {
           //you dont need this at php5, only at php4 
           $old=error_reporting();//save old
           error_reporting(0);//set to none
           $result=ftp_site($ftpstream, "CHMOD ".$chmod." ".$file);
           error_reporting($old);//reset to old
           return $result;//will result TRUE or FALSE
    }
    
    //create a directory with correct permissions and ftp-user:
    
    function ftp_pimpmydir($dirname) {
    	$dirname = "html/images/".$dirname; //just to start at the right place
    	$host = "127.0.0.1";
    	$user = "your username";
    	$pass = "your supersecret password";
    	$conn_id = ftp_connect($host);
    	$login_result = ftp_login($conn_id, $user, $pass);
    	if ((!$conn_id) || (!$login_result)) {
                    //insert some panic-text here
    		die; 
    	}
        ftp_mkdir($conn_id, $folder);
        ftp_chmod($conn_id, 666, $dirname); // read&write for everyone!
        ftp_quit($conn_id); // i saved the day once again!
    }
    
    damn, i'm good! :cool:
     
    falcondriver, Mar 20, 2006 IP
  8. frankcow

    frankcow Well-Known Member

    Messages:
    4,860
    Likes Received:
    264
    Best Answers:
    0
    Trophy Points:
    180
    #8
    where'd you find the code? or did you code it?
     
    frankcow, Mar 20, 2006 IP
  9. falcondriver

    falcondriver Well-Known Member

    Messages:
    963
    Likes Received:
    47
    Best Answers:
    0
    Trophy Points:
    145
    #9
    got the ftp_chmod() function for php4 from php.net, i just did the kwality code for ftp_pimpmydir() :)
     
    falcondriver, Mar 20, 2006 IP
    frankcow likes this.