I am new to PHP and I have little experience with manipulating files with PHP; I keep getting a 'permission denied' warning message and can't seem to figure out a solution.
I've made a simple web application with one php file that has just these two lines:
$file = fopen( '/Users/<myname>/Desktop/file.txt', 'r' );
var_dump( json_decode( $file ) );
to see whether the variable has been set.
When I run the script on chrome, I get:
Warning: fopen(/Users/<myname>/Desktop/file.txt): failed to open stream: Permission denied in /Applications/XAMPP/xamppfiles/htdocs/testwebsite/filereader.php on line 1
NULL
Presumably, the NULL is because $file has not be set or is empty.
I have read numerous posts online and I am still very confused about the explanations given. From my understanding, it is a permissions problem where I have not given the right privileges to some file.
I have tried many command lines such as chmod 755 /Applications/XAMPP/xamppfiles/htdocs/testwebsite/filereader.php to give permission to the script to at least be able to read a file but to no avail.
I have also read that it might be due to some user privileges that were not properly set so I've ran these to command to see who the user was:
echo get_current_user();
return 'daemon'?, a program that runs in the background?
exec('whoami');
returns '<myname>', my current machine's name
I am not sure how to proceed from here, whether to give permission to my machine that runs the script or 'daemon'.
I just want the application to run on at least my personal computer.
Related
background: I have a PHP script which calls shell_exec. For the moment i just want to test that it works and am running a basic command through it. Separate copies of the same script exist in two separate webapps on the same server. Both apps' anonymous authentication are set to IUSR.
Here is the example code:
$output = shell_exec('dir 2>&1');
print_r($output);
Trying it on one website in IIS gives the desired output. However, on another, it does not capture any output and instead give the below error:
PHP Warning: shell_exec(): Unable to execute 'dir 2>&1' in C:\inetpub\webapp\script.php on line 4
The only information i could find on this error is from here:
With PHP on Windows, if you get the 'Warning: shell_exec()
[function.shell-exec]: Unable to execute' error, then you need to
check the permissions on file 'C:\WINDOWS\system32\cmd.exe'. You need
read/execute permission on this file. I would recommend using the
sysinternals Process Monitor 'procmon.exe' to confirm the user that is
trying to run 'cmd.exe'. Filter on 'Process Name' is 'php-cgi.exe' and
'Path' ends with 'cmd.exe'. Look at the event properties for the task
with the access denied error, and it will show you the 'Impersonating'
user name. This is usually the 'Internet Guest Account', often 'NT
AUTHORITY\IUSR'.
Yet this doesnt seem like a permissions issue. I cannot understand why its working through on website and not another. Anonymous Authentication for both websites are set to IUSR.
also, safe_mode in php.ini is set to off.
Is there anything else i need to check here? Does cmd.exe need explicit read/execute permissions for IUSR?
It turns out, for whatever reason, that IUSR was the problem. I cannot exactly know why, but changing Anonymous Authentication of the affected website to use another user it worked. So it is permissions related after all.
I have a PHP script that is trying to open the directory "C:\Users\userA\Desktop". However, the opendir() call is returning false. Here is my code:
$path = 'C:\Users\userA\Desktop';
var_dump (is_dir($path)); //prints TRUE
var_dump (is_readable($path)); //prints TRUE
var_dump (is_writable($path)); //prints TRUE
var_dump (open_dir($path)); //prints FALSE
When I run the above from the command line, everything is TRUE, and works as expected. When I run it via an Ajax call from a web browser, opendir fails. This is running in IIS 7.5. I have set the permissions for that directory to full permissions for "Everyone". Yet, it still seems to be some sort of permissions issue. I'm not sure where to go from here.
I found the solution to my problem. I had added permissions to "C:\Users\userA\Desktop". I needed to go up one more directory. I granted IIS_IUSRS privileges to "C:\Users\userA", and it solved my problem.
I'm using a ftp upload script to transfer one server to another. It works fine in a browser window, and works great from an ssh command line by running:
php /var/www/vhosts/domain.com/httpdocs/ftp_shell.php
but when I run the exact same command from a cron, I get this:
PHP Warning: ftp_get(ftp.tmp): failed to open stream: Permission denied in /var/www/vhosts/domain.com/httpdocs/ftp_shell.php on line 516
PHP Warning: ftp_get(): Error opening ftp.tmp in /var/www/vhosts/domain.com/httpdocs/ftp_shell.php on line 516
I looked on line 516, which is:
if((ftp_get($ftp_from,"ftp".$tmp.".tmp",$fname,FTP_BINARY) ||
ftp_get($ftp_from,"ftp".$tmp.".tmp",$fname,FTP_ASCII)) &&
(ftp_put($ftp_to,$fname,"ftp".$tmp.".tmp",FTP_BINARY) ||
ftp_put($ftp_to,$fname,"ftp".$tmp.".tmp",FTP_ASCII)) &&
ftp_site($ftp_to,"chmod ".base_convert($chmod,10,8)." $fname") &&
f_size()&&unlink("ftp".$tmp.".tmp")) {echoout(" (".$size_b." bytes) ok<br>");$count_f++;}
I know that it's writing the file to a temp file, but why would it allow me to do it in the browser and command line, but not a cron?
Probably the temp file was created by php script(apache user) and you want to read it from cron job (root user). Temp files are not readable from one users to others for security reasons.
You have to change your cron job to be executed by apache user, or you can alter the permissions of the temp file to be readable for everyone, but this is not recommended as any other procesess could read the file.
Jobs run under cron will have a different default working directory than whatever you're running from a webserver and/or the command line. Most likely whatever directory IS being used as the default while in cron does not have appropriate permissions for the cron job to use.
Try using absolute paths, e.g.
ftp_get($ftp_from,"/real/path/to/file/ftp".$tmp.".tmp",$fname,FTP_BINARY)
^^^^^^^^^^^^^^^^^^^
instead of the relative paths you're using otherwise.
The error says:
PHP Warning: ftp_get(ftp.tmp): failed to open stream
and the line is:
if((ftp_get( $ftp_from, "ftp" . $tmp . ".tmp", $fname ...
so the error must be in a empty $tmp variable
Cron is not working properly. i have created a file inside /etc/cron.d with following command
$ touch /etc/cron.d/php-crons
$ chown www-data /etc/cron.d/php-crons
i got error like (*system*php-crons) WRONG FILE OWNER (/etc/cron.d/php-crons)
so i changed file owner as root
$ chown root /etc/cron.d/php-crons
even though cron is not working.
my php file (cron.php) is as follows
$fp = fopen('/etc/cron.d/php-crons', 'a');
fwrite($fp, '10 * * * * root usr/bin/php PATH TO SCRIPT/email.php'.PHP_EOL);
fclose($fp);
when i open the /etc/cron.d/php-crons there i can able to see the job.
10 * * * * root usr/bin/php /var/www/PATH TO SCRIPT/email.php
In email.php i included
#!/usr/bin/php
mail ("examplemail#gmail.com", "Cron Successful Public HTML!", "Hello World from cron.php!");
if i change (/etc/cron.d/php-crons)file owner as root and then run cron.php in browser , then i not able to write anything inside /etc/cron.d/php-crons and get warning as follows.
Warning: fopen(/etc/cron.d/php-crons): failed to open stream: Permission denied in /var/www/cron.php on line 2 Warning: fwrite() expects parameter 1 to be resource, boolean given in /var/www/cron.php on line 3 Warning: fclose() expects parameter 1 to be resource, boolean given in /var/www/cron.php on line 4 .
please someone guide me!!
There are several issues. As you noticed, your implementation of the cron daemon does not allow to be the files owned by non-root-users and you will not be allowed to make the file world-writable for the same reason of security.
Your cron job line, at least in the example, lists a relative path ("usr/bin/php") that should be absolute. That your cron.php file is owned by root does not mean it is run as root user. It is executed and run by PHP because it has the appropriate group and/or other permission bits. And you shouldn't change the permissions in a way it is run as root (e.g. with setuid-chmods).
What you probably should do is a cronjob line that acts as a wrapper to a PHP script. The PHP script reads all your jobs from a database and executes them, or even a text file similar to what you already created.
This way you can run the wrapper script as a non-root user. Most cron implementations allow you to name the user (e.g. www-data) on others you use the "su" command before your script (see man 5 crontab etc.).
which operating system are you using? Normally for something like this you want to use per user crontabs. so the commands are run as that user. /etc/cron.d is used for system crontabs. (/var/spool/cron/crontabs) is where user crontabs are stored, but they will need to be enabled. Normally by adding the user that is allowed to use them to /etc/cron.allow. Allowing the web process to make changes to files that run as root is really a bad idea. With the per user option it would only be able to touch things that it could normally touch anyways, so less of security risk.
i'm having this problem
sh: CutyCapt: Permission denied
my php code is
<?php
echo exec('CutyCapt --url=http://www.google.com --out=/var/www/google.png --javascript=on 2>&1');
?>
When calling an executable from PHP, it is called with the permissions of the user PHP runs as (often the Apache server, for example).
That user account does not have permission to call that executable - probably because it belongs to a different user, and has the "executable" bit only for that user or group.
That's all that can be said for sure without more information.