I am using mkdir() to create new files in my code, but for some reason it is setting something called "daemon" as the admin. I cannot delete these files, edit, access, or even move these files. How can I change this from happening when creating files in my code?
<?php
$dir = 'myDir3';
// owner will be the user/group the PHP script is run under
if ( !file_exists($dir) ) {
mkdir ($dir, 0777);
}
file_put_contents ($dir.'/test.txt', 'Hello File');
$file = 'template.php';
if(file_exists($file)){
echo readfile($file);
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
ini_set("display_errors", 1);
copy($file, $dir.'/fake.php');
} else {
echo 'file does not exist';
}
?>
Eureka Edit(1):
Ok, thanks again #blueweimer , for clarifying that you are using XAMPP on MacOS (and not XAMPP-vm); because thanks to that clarification I was able to find the right answer to your question, which can be found here.
To elaborate on the answer found in the link:
By default, when creating any sort of folder or file in XAMPP in MacOS it uses the user and group found in the httpd.conf file (the d stands for "daemon", which is the name given to running processes in Unix systems (like Linux and Mac, Mac being a slant more differentiated from Unix but still carrying over some of the same terms)). So by changing the user and group found in this file you can change the user that keeps the server running. It's the user that Apache uses to access everything and anything inside XAMPP.
It's important to note that you are changing your access user when changing the file in httpd.conf; but that does not automagically change the owner of the files and folders that have already been created. According to the link above, these files are found in /Applications/XAMPP/xamppfiles/, you'd have to change the owner of the files and the folder itself to the new user you've changed it to in httpd.conf.
Do not change this user to your own, as any failure in security that can occur on XAMPP will allow anyone with access to your XAMPP server to access your user remotely.
Before Edit:
Firstly, if possible, please post a code snippet so that we may know how this is being accessed.
Secondly, I'd like to apologize for placing all of this in an answer(low reputation so I can't comment just yet), but judging by the mkdir manual page for php, it seems that it creates the directory with the user who's running it as the owner. Given that it's setting the owner to "daemon" and you are unable to access it, I believe it safe to assume that you are not establishing default permissions (0777) and are running the file as a daemon.
You could choose to change the permissions the folders are created with:
<?php
mkdir("/path/to/my/dir", 0777);
?>
Alternatively you could use the chown command to change the ownership from "daemon" to another user within the same php file you create the folders with:
<?php
mkdir("/path/to/my/dir", 0700);
chown("/path/to/my/dir", "username");
?>
This answer was given according to the information provided: you did not specify which webserver you're using (you've simply specified html), and you've not specified an OS, so my understanding ist that it is a Linux distribution (otherwise folder access would not be a problem with PHP but rather with the webserver's permissions).
Related
We recently upgraded our server to cPanel 78 and migrated from EA3 to EA4. Our server only has two sites on it, and prior to the upgrade we could use PHP scripts to copy files between the two sites using PHP's file_exists() and copy() functions.
We could use the file_exists() function to grab files from site1 and migrate them to site2 using code similar to this:
$current_path = '/home/site1/public_html/uploads';
$new_path = '/home/site2/public_html/uploads';
if(file_exists($current_path.'/v2n62l6v.jpg')) {
echo 'File exists: true' . "\n\n";
copy($current_path.'/v2n62l6v.jpg', $new_path.'/2020/03/30/v2n62l6v.jpg');
} else {
echo 'File exists: false' . "\n\n";
}
This code also creates new directories and sets the permissions to 0755.
After the upgrade, when we attempt to execute the script, we are greeted with this error:
File exists: true
Warning: copy(/home/site2/public_html/uploads/2020/03/30/v2n62l6v.jpg): failed to open stream: Permission denied in /home/site2/public_html/move.php on line 15
We are able to move the files if we set the permissions to the folders to 0777, but I would prefer to not have to change all of the folder permissions (there are 10s of thousands).
Any ideas on where to start or what settings may have changed during the upgrade to either EA or cPanel/WHM?
Site is using:
PHP 5.5 (ea-php55)
DSO PHP Handler
CENTOS 6.10
cPanel v78.0.47
I am happy to provide any other information to help trouble shoot this issue.
Thanks so much for any/all help.
As you said that it is CentOS so the following should work
<?php
$current_path = '/home/site1/public_html/uploads';
$new_path = '/home/site2/public_html/uploads';
//Below command will copy paste all folders recursively
shell_exec("cp -r $current_path $new_path");
echo "All Done";
?>
If the above one doesn't works for some reasons then try going to the SSH terminal directly and run that shell command with your paths.
As you mentioned in comments that you want to further process the files that could be done on site2 itself once all files are there you could scandir/is_dir to scan and process files. But that is different topic.
If you really need to do this you have to make sure php user owns both sites files - apparently this is not your case.
Alternatively you can use root user to copy files preserving ownership and permission or changing their owner and permission at the destination accordingly.
One other option is to umask user privileges before your operation; Is strongly recommended to revert umask value after operation is completed:
https://www.php.net/manual/en/function.umask.php
Ex:
$old = umask(0);
//your operation here
umask($old);
I'm facing a problem with deleting video files from folder using php unlink() function , image are deleting but when trying deleting videos it says
unlink(file_path) : permission denied.
You (running your script as either through CLI or a webserver) need write access to the directory in which the files are located. so access to the file is not enough.
Your image directory would be different and writable for webserver or cli.
chmod("your/video/dir/path",0777);
try using above code before unlink the video in your script.
Edit: Looks like you are using Windows. Unfortunately, my answer is for Unix-like operating systems (so Linux, MacOS). You could try installing Bash extension for Win8+, but still I'm not sure if this would work. However, I'm keeping my answer in case of anyone with similar problem is looking here for an answer.
Changing permissions through PHP might work in some cases, but not always, because if you don't have permissions to delete the file you might also not have permissions to change them.
The best solution is to create a directory where you will keep files to which PHP will have full access. Let's call it dirname. Once you have created a directory, change its owner and group to the one corresponding to your web server user's name (if you're using Apache, it's "www-data"), for example: chown www-data:www-data dirname.
Once you've done that, change folder's permissions. My suggestion is 744, it will assure that user who owns it will have all permissions, and everyone else will be able only to read it. To do that, execute the following command: chmod -R 777 dirname.
Now you should be able to do anything you want with the files in given directory directly from PHP.
EDIT 1
This question involves the user of the MANGOPAY API. My problem is that I cannot get the API to write to the tmp folder.
I have succeeded in getting the API to write to http://fakedomain.com/apifolder/blank.txt and getting the appropriate output.
I then ran the script http://fake.com/apifolder/demos/iswrite.php on http://fakedomain.com/apifolder/blank.txt to have minimal working code I could test on the tmp folder. Here is the code in the script:
<?php
$filename = 'blank.txt';
echo "<br>";
file_exists($filename);
echo "<br>";
if (file_exists($filename)) {
echo "The file $filename exists";
} else {
echo "The file $filename does not exist";
}
echo "<br>";
if (is_writable($filename)) {
echo 'The file is writable';
} else {
echo 'The file is not writable';
}
?>
It gives me the output
The file blank.txt exists
The file is writable
so all good there. I created the following file with the following permissions using Filezilla:
In the script http://fake.com/apifolder/demos/iswrite.php I have changed the filename variable to $filename = 'http://fake.com/tmp/creative/blank.txt';. It gives me the following output:
The file http://fake.com/tmp/creative/blank.txt does not exist
The file is not writable
Also, allow_url_fopen is on.
I don't fully understand URL structures, so maybe the problem lies there? The tmp folder I am trying to access is on the same level as my public_html folder. Maybe I am writing my URLs wrong?
Put in another way, does the tmp folder have to be outside the public_html folder? Would there be any purpose to this? Or can I have create my own tmp folder within public_html where it is already working?
ORIGINAL QUESTION
The original question was poorly written. Please see EDIT 1
I am playing with the sandbox of an API (MangoPay). I have included my ClientId and ClientPassword which seems to work.
The API also says...
You also need to set a folder path in $api->Config->TemporaryFolder
that SDK needs to store temporary files. This path should be outside
your www folder. It could be /tmp/ or /var/tmp/ or any other location
that PHP can write to.
I have created one at:
ftp://fakedomain#fakedomain/tmp/fakefoldername
I am running the php script from my desktop using Terminal. The output it is giving me is
Cannot create or write to file
ftp://fakedomain#fakedomain/tmp/fakefoldername
even though I have set permissions to 777.
Any idea of why I am getting this error?
I am guessing the library in question is this one, and the error you are getting is this exception:
if (!is_writable($this->GetPathToTemporaryFolder()))
throw new \MangoPay\Libraries\Exception('Cannot create or write to file ' . $this->GetPathToTemporaryFolder());
So basically we seem to be debugging a call to is_writable().
make sure allow_url_fopen is on
if applicable, make sure the URL includes the FTP password
make sure the folder exists and the FTP account has write permissions (777 should suffice...)
Generally speaking a temp dir is supposed to be located on the same machine as your code. Using FTP is less than ideal. Are you not able to use a local directory?
You'll notice in the MangoPay documentation it shows a local dir:
https://github.com/Mangopay/mangopay2-php-sdk
$api->Config->TemporaryFolder = '/some/path/';
You should probably stick to that, instead of using a remote server via FTP.
An out-of-the-box Linux machine running Ubuntu 14.04 has the following user and permission settings
drwxrwxrwt 13 root root 4096 nov 9 00:56 tmp//
And the dummy directory
drwxrwxr-x 2 eric eric 4,0K nov 9 00:49 fakefoldername/
In case of switching to 777 permission set (as you said, you have already done this), that would be
drwxrwxrwx 2 eric eric 4,0K nov 9 00:49 fakefoldername/
The point to notice here is that if you used chmod 777 fakefoldername it changes the permission set only to the directory without touching any of the files/directories in fakefoldername (use chmod -R 777 fakefoldername). Another point to remember is that directories leading to the fakefoldername also need to have sufficient perms. For this particular case, check if /tmp folder has them, fix if necessary
sudo chmod 1777 tmp/
Also, as stated above, I would try to make another directory in /var directory and see how things are going then (an nice answer why to or not to choose /var/tmp over /tmp here).
For others: the SDK that is used is probably https://github.com/Mangopay/mangopay2-php-sdk
There might be some hints in the somewhat similar answers below:
http://forum.odin.com/threads/error-message-cant-create-write-to-file-tmp-after-overflow-tmp.296376/
https://unix.stackexchange.com/questions/39466/vsftpd-553-could-not-create-file-permissions
Most likely, your apache dont have permissions to write that folder, you have to be sure that you are creating that directory with same user (in your case, apache) and also chmod.
I have googled but I can't seem to get my script to work.
this is my code
if (is_dir("tmp")) {
if (substr(sprintf("%o", fileperms("tmp")), -4) == "0777") {
echo "good";
} else {
echo "going to chmod the tmp folder to 777";
if (!chmod("tmp", octdec(0777))) { // tried chmod("tmp, 0777) too
echo "Oops, I couldn't chmod the /setup/tmp directory, please do this manually";
}
}
} else {
echo "we'll make the folder";
}
I can't seem to get the chmod to work, i read somewhere that if register globals was off then this wouldn't work(i have that setting set to off).
I followed the PHP.net manual and some of the examples they provided there in the user comments, as well as some stack-overflow posts that i found relevant. but perhaps i need to tweak some php settings to get this to work?
Is there a way to get the chmod function to work without needing to change the PHP.ini?
You haven't given us enough information to determine why chmod() is failing. It could be that the web-server doesn't have sufficient privileges to alter directory permissions.
The owner of the web-server process should own the directory or be a member of the owning group. For example, if root owns tmp, and your web-server is running as the user 'apache', it will not be possible to modify the directory's permissions from PHP.
I believe the settings you mention in php.ini are for debugging, not magically 'fixing' chmod. Try prepending the following lines of code to your PHP script and you should get more useful debug output:
ini_set('display_errors', 'On');
error_reporting(E_ALL)
Represent like this:-
chmod("tmp", 0777);
The user that is running the php daemon or web server daemon must have write access to the directory you are trying to chmod. In my case, www-data is the user that is running php and any commands that php is trying to run, it will be run as the www-data user.
If you create a directory using the php mkdir function, you will notice that the owner of the directory is who ever is running the php or webserver daemon. And any directory that was created by php, php will be able to chmod, chown, do anything to it because it is the owner.
You can either
chown the directory so that the owner is the php user
set writing privileges for the group and set the group to the same group as the php user
do something like giving sudo privileges to the php user which is not recommended btw.
I want list files of a particular directory using php exec function. I have used this
exec('ls /home/vikas/hft/a5/traders/sa/*.bin', $NameOfBinaries);
code for listing the bin files from /home/vikas/hft/a5/traders/sa/ directory. It works fine when I run the script in CLI mode but when I run in browser it return empty array.
Apache probably doesn't have rights to read files in your home directory.
Why not move the files somewhere that Apache can see them and use PHP's readdir() function?
http://php.net/manual/en/function.readdir.php
You can use the glob() PHP function instead, enabling error reporting and stopping at first error, like this:
error_reporting(E_ALL);
ini_set('display_errors',1);
ini_set('display_startup_errors',1); // This is not necessary, but can add info
$nameOfBinaries = glob( '/home/vikas/hft/a5/traders/sa/*.bin', GLOB_ERR );
Please note: the GLOB_ERR flag works only with PHP versions above 5.1.0.
Moreover, this seems a permission issue, so you can check if you have the correct access permissions to the directory:
$handle = fopen("/home/vikas/hft/a5/traders/sa/", "r");
echo ($handle===false)? "Readable dir":"Unreadable dir";
This, in turn, is due to the different users under which the PHP webserver and commandline binary run, i.e. when run from the commandline, PHP inherits permissions from the currently logged user, while, when run from the web, it inherits user permissions from the webserver (Apache/ISS or whatever).
To be able to read that dir (when run from the web), appropriate permissions must be set on that directory. It must be readable from the user or group under which the webserver runs.
If you have an Apache server, in httpd.conf the User and Group directives contain respectively the user name and group name under which Apache will run.
If you cannot access server config, you should contact your system administrator asking for read permissions of that directory. A less secure option would be to set that directory (via FTP or shell) as "world readable".
Make sure that the user-account -- that the webserver runs as -- has permission to read that directory.
How about system? http://au.php.net/manual/en/function.system.php
Don't use external functions for this, but instead use built-in PHP directory functions.