I'm trying to upload a user's photo using a simple HTML input form, but I'm getting the following error. I've set the permissions of my upload folder to 755. I tried 777 and that works, but I've read that setting it to 777 is not advised and that I should be able to use 755?
Warning: move_uploaded_file(uploads/2014_08_21_11_03_14k.jpg) [function.move-uploaded-file]: failed to open stream: Permission denied in /home/yadayada/register.php on line 136
Warning: move_uploaded_file() [function.move-uploaded-file]: Unable to move '/tmp/php8KQwyh' to 'uploads/2014_08_21_11_03_14k.jpg' in /home/yadayada/register.php on line 136
This is my php code:
$userPhotoUrl = 'uploads/'.date('Y_m_d_H_i_s').$_FILES['photo']['name'];
if (is_uploaded_file($_FILES['photo']['tmp_name'])) {
if (!move_uploaded_file($_FILES['photo']['tmp_name'], $userPhotoUrl)) {
// show error message
return;
}
} else {
// show error message
return;
}
First of all, you have to understand what is 755.
For folder, 755 means drwxr-xr-x, which means:
Owner has Read, Write & Execute permission
Group & Public have Read and Execute permission only
As the user running PHP is probably not the owner of the folder, it does not have write permission to the folder. Either:
You chown the folder to PHP's user; or
You make it 777: everybody has Read, Write & Execute permission
Of course, the latter choice has a security issue, as if somebody uploads an executable shell script to your folder, he can execute the script. Therefore, you should stick with the first choice.
You should probably chown the upload folder (move) to the same user as PHP runs under. Try this
chown -R nobody uploaddir
chmod -R 755 uploaddir
Have alook on this Permission
if you set 755, your webserver will be the owner of the folder.
Related
I'm writing a form in HTML and after trying to call a PHP file to store the data, my apache server running on XAMPP displays the error
failed to open stream: Permission denied in /Applications/XAMPP/xamppfiles/htdocs/storage.php on line 5
Storage.php is my PHP file and is trying to write inputs from my HTML file into the txt doc wordfolder.txt.
I have changed all file permissions to read & write and I have gone into the command line and tried pretty much everything I can find
chmod 644 Desktop/wordfolder/wordfolder.txt,
chmod -R 755 Desktop/wordfolder/wordfolder.txt,
sudo chown -R Desktop/wordfolder/wordfolder.txt,
chmod o+x Desktop/wordfolder/wordfolder.txt
My HTML file begins with
<form action="http://localhost/storage.php" method="get" onsubmit="window.location.reload()">
As discussed in the comments below, the problem turned out to be that the x bit wasn't set on the parent directories of the location the file was stored for the user attempting to write the file. The solution is to create a new folder, outside your home directory (e.g. /Users/web), chown it to the user that runs the web server and then it should be writable.
Try it;
chmod('file path', 0755);
I have a folder /var/www/html/images/ppic/50x or 100x (dependin on size) where user avatars are kept. When a user uploads a new avatar, it gets resized and moved to each different size folder.
I m getting the following permission errors:
Warning: move_uploaded_file(images/ppic/144231007.jpg): failed to open stream: Permission denied in /var/www/html/settings.php on line 154
Warning: move_uploaded_file(): Unable to move '/tmp/phpi3oiJp' to 'images/ppic/144231007' in /var/www/html/settings.php on line 154
not moved
How do I set permissions to these folder in a way that will allow users to upload but not delete or mess with?
try with this
sudo chmod 755 -R /directory_name
which user owns the directory?
try chown www-data:www-data /directory_name
Also placing user uploading files in a web accessible directory isn't great practice.
Placing them somewhere outside of the web root and using a script to display them in the browser is safer.
I want to make and remove directories, and files with a php script
example:
<?php
if (!is_dir('examples')) {
mkdir('examples');
}
?>
But I get permission denied. How can I allow this one script to run these commands?
I have tried chmod 777 mkdir.php and chmod +s mkdir.php
which got rid of the Permission denied meaage, but It still doesn't create the folder.
how can i get mkdir() and or rmdir() php function to work?
Please note, I am not using php as a shell script.
Probably just chown to the user.
(I just came to put an answer here to mark 'answer found')
Original text:
777, if the user www-data isn't the owner of the parent directory or not in the same group as the owner. Usually it would be 775, tho.
Credit to Charlotte Dunois
For a project I need my php file to create a dynamic file (on remote server which I bought) which loads into a flash component. Everything is working fine on my localhost. But once I upload it to the server, it throws the following errors:
Warning: fopen(output.html) [function.fopen]: failed to open stream: Permission denied in C:\Inetpub\vhosts\x.co.in\httpdocs\blabla.php on line 25
Warning: DOMDocument::save(k_id.xml) [domdocument.save]: failed to open stream: Permission denied in C:\Inetpub\vhosts\x.co.in\httpdocs\blabla.php on line 136
where on those lines fopen is written.
I understood as there is no permission to my php file to create any dynamic files on the server. So i just wanna understand is there a way by which I can privilege my php to create that file on the server.
I've the login access, which I think I've to put somewhere in code before it tries to create such file...but i dont know how to figure this...any suggestions?
The user that runs the PHP process needs to have permissions to write new files in the target folder. On linux servers this is done using CHMOD.
chmod 777 -R /path/to/folder
777 is the permission (full permission for testing only), -R means recursive for the files/folders inside. As you are using windows just right click on the folder and look at properties and search for permissions.
Create a new directory where the PHP will write the files. For that directory set permissions to 705 (that is owner has Read, Write, Execute permission)
You can either do that using a FTP client (Filezilla) or via a Bash shell
mkdir inputfiles
chmod 705 inputfiles
I've got the following situation:
public_html - 755
=> avatar - 777
=> poll - 755
Now when I use the following code, i'll get an error (Warning: file_put_contents(../test.php) [function.file-put-contents]: failed to open stream: Permission denied in XXX):
<?php
file_put_contents('../test.php','<?php');
?>
But when I use the code below, it'll work just fine:
<?php
file_put_contents('test.php','<?php');
?>
(both executed from 'avatar', with 0777)
How can I solve this?
Since your script is executing from avatar, which has 0777 permission (world read/write/execute), it is normal that you are able to create a file within it (i.e.: file_put_contents("test.php")).
If you are not able to create files in public_html (i.e.: file_put_contents("../test.php")), it's because the user that is executing your script (most probably the Apache user) is not the owner of public_html (the owner is most probably a FTP user). Because 0755 means that only the owner is able to write to the directory, then others are only able to read or execute from it.
If you have shell access, you can use chown to change the owner of the file:
bash-4.1.5$ chown newuser public_html
Or you can chmod with higher permissions for non-owners, but you ought to be careful with that.
I guess it's not possible to write to a higher folder, even when you've 0777 permission.
It's not possible to use chmod on this dir, you'll have to use FTP or something.