I am able to write the data to a /tmp directory in Ubuntu but for other directories like writing to /var directory or Desktop, I am unable to write the contents. Is it a permission issue or something else since I am able to edit, modify and read any file from these directory but while writing through PHP code only in /tmp directory I am able to write.
My code is as follows:
$output = "/tmp/image5.png";
//$output = "/home/anand/Desktop/image5.png"
file_put_contents($output, curl_exec($request));
The second $output is not working.
It is the permission issue. Imagine what would happen if everyone could write in everyone's folders. Or delete from them.
You cannot write to your desktop from your PHP script because php script does not have write permission, since it is running from apache user (www-data probably).
You can write to /tmp directory because those files are stored only temporary and everyone can write to that folder.
If you want to write to particular folder (/home/anand/Desktop/ for example), you need to either chown it to www-data (not recommended for your desktop folder), or use chmod 777 /home/anand/Desktop to give write permission to everyone (also not recommended since then other users will be able to write to your Desktop).
Related
I'm facing a problem with deleting video files from folder using php unlink() function , image are deleting but when trying deleting videos it says
unlink(file_path) : permission denied.
You (running your script as either through CLI or a webserver) need write access to the directory in which the files are located. so access to the file is not enough.
Your image directory would be different and writable for webserver or cli.
chmod("your/video/dir/path",0777);
try using above code before unlink the video in your script.
Edit: Looks like you are using Windows. Unfortunately, my answer is for Unix-like operating systems (so Linux, MacOS). You could try installing Bash extension for Win8+, but still I'm not sure if this would work. However, I'm keeping my answer in case of anyone with similar problem is looking here for an answer.
Changing permissions through PHP might work in some cases, but not always, because if you don't have permissions to delete the file you might also not have permissions to change them.
The best solution is to create a directory where you will keep files to which PHP will have full access. Let's call it dirname. Once you have created a directory, change its owner and group to the one corresponding to your web server user's name (if you're using Apache, it's "www-data"), for example: chown www-data:www-data dirname.
Once you've done that, change folder's permissions. My suggestion is 744, it will assure that user who owns it will have all permissions, and everyone else will be able only to read it. To do that, execute the following command: chmod -R 777 dirname.
Now you should be able to do anything you want with the files in given directory directly from PHP.
Executing the following from a PHP script called by apache:
$h = fopen(getcwd()."tmp.txt","w");
fprintf($h,"hi");
fclose($h);
generates a file owned by my personal userid with 644 permissions. However, executing the script again results in an error, since Apache/PHP is running as user wwwrun and so doesn't have the permissions to overwrite the file or to chmod it.
The directory that the files are being placed is in my home directory and has 777 permissions. How can I get PHP to either create the file as owned by wwwrun, or create it with 666 permissions, or do something else, to allow it to be overwritten by PHP.
I am ideally looking for a solution which also applies to the situation where the file is created by PHP via an external program called with the exec function; this seems to suffer from the same problem, in that the external program runs as wwwrun, but files created by the external program are owned by my personal userid.
It turns out the directory in question was mounted on a file system that doesn't support linux file permissions.
I'm trying to upload a file to a virtual machine in Amazon. and i have some questions.
I think i have to give (777) permissions to my server folder to be able to upload my file. if i don't it won't work. is this ok?
is it secure to give those permissions?
You don't need to make the file's permissions 777 in order to be able to write it into a directory. Instead, the directory needs to have permission to be written to by the user.
If you are running apache, the process runs as the user www-data and wherever you are trying to write the file to, must have write permissions by this user. If you are writing to /var/www/my_file_uploads, then try this:
chown -R www-data:www-data /var/www/my_file_uploads
Note that by doing this, you will be preventing others on your home machine from reading the file as well (unless you explicitly permit it).
In my project, I have to upload some video files to a folder which lies outside the root folder. I am using simple php function move_uploaded_file to upload the file. I have tried with the code below.
$source = $_FILES['Filedata']['tmp_name'];
$targetFile = '/usr/local/WowzaMediaServer-3.1.1/content/video.mp4'
move_uploaded_file($source,$targetFile);
But it is not working. Can we done it through move_uploaded_file. if not, suggest a better option to do this.
I have seen some similar question but nothing helps. So any help would be appreciated..
Are you sure you're not in a chroot jail?
If so, your "absolute" path name could be pointing to the wrong place-- somewhere that doesn't exist.
If so, change the path to point to somewhere within the jail.
It may be necessary to mount --bind the directory you want this to go in into some location within the jail. (Note that a symbolic link will not work for getting out of jail.)
More than likely this is a simple permissions issue and quite easy to solve.
Find the user that apache uses. To do this open up your httpd.conf file and look for something like:
User apache
Group apache
Change the ownership of the folder that you're trying to upload to.
chown -R apache.apache /usr/local/WowzaMediaServer-3.1.1/content/
Change the permissions of the folder
chmod -R 775 /usr/local/WowzaMediaServer-3.1.1/content/
And that should be that.
I'm going to assume you're using Apache for the purposes of this answer.
First off, is the file being uploaded ok? One possible reason you might have trouble is that the tmp directory isn't writable by the webserver, or readable come to that. Assuming that's ok then move_uploaded_file should work fine.
Create a folder next to your DOCUMENT_ROOT, let's call it "filestore". Make sure it's writable by www-data or whichever user runs apache. Now, you should be able to move the files into that folder. Note they will be owned by www-data:www-data typically - or whatever user and group your server is set up to run as. The reason I put the "filestore" folder next to the DOCUMENT_ROOT folder is that you can be sure the webserver can read the file path up to DOCUMENT_ROOT. Otherwise you run the risk of a folder part way up the path not being readable, and that'll stop you dead. e.g. if you have /usr/local/media as your target folder and /usr/local isn't readable (and executable) by the webserver, you're toast.
If all this works and you absolutely must have you media elsewhere, you can have the "filestore" folder anywhere so long as the whole path to it is read/executable by the webserver. Check each directory in the path.
If these uploaded files are being downloaded by other users via the web then the "filestore" folder only needs to have permissions of 700 since it's always going to be the web server's user which reads them. If other users need access, typically because other software running as a different user needs to use them then you might need permissions to be 750 to allow group members to read (and execute) the directory. You'll also need to add that other user to the www-data group.
For downloads you will need to write a simple script which dumps the file to the browser after doing some authentication checks. That way, you avoid having the media accessible just via http without having any authentication done first - which could make your service into an attractive place for illegal files (copyright violations being the least concern here).
This is a dangerous approach as it gives root privileges to the apache user, so use with caution.
Add the apache user to the list of sudoers - which will let you execute commands as root in php via system('sudo the_command'). Then move the uploaded file to a temporary location that the apache user can write do (eg. create a 'tmp' directory in the doc root). Then use system("sudo mv \"$source\" \"$destination\""); to move the temporary file to it's final location.
You can find the apache user by executing <?php echo exec('whoami'); ?>. Then add the following entry to sudoers the-apache-user ALL=(ALL) NOPASSWD: ALL. Use visudo to add the sudoer entry.
Example:
$source = $_FILES['Filedata']['tmp_name'];
$targetFile = '/usr/local/WowzaMediaServer-3.1.1/content/video.mp4'
$tempLocation = 'tmp/temp-file.mp4';
move_uploaded_file($source, $tempLocation);
system('sudo mv "' . $tempLocation . '" "' . $targetFile . '"');
Edit: Related question - How to run PHP exec() as root?
Always you face a problem with your code, look at the server log or easier turn on errors display. That said, your problem could be related to upload_tmp_dir setting. Check what a phpinfo() tells about that or look at your php.inifile.
A better solution would be to write the file somewhere where you can write (i.e. under the webroot) and then create a symlink from the media directory to be to where you wrote it.
For example:
Web Root is /var/www/html
You want it at /usr/local/WowzaMediaServer-3.1.1/content/
Create directory /var/www/html/mediaserver/content/
Make permissions on /var/www/html/mediaserver/content/ 777 (so apache can write to it)
Copy files from /usr/local/WowzaMediaServer-3.1.1/content/ to /var/www/html/mediaserver/content/
Delete /usr/local/WowzaMediaServer-3.1.1/content/ (just the "content" directory)
Create symlink from /usr/local/WowzaMediaServer-3.1.1/content/ to /var/www/html/mediaserver/content/
Then you have permissions to read/write, and the media server should too. Only issue would be if the media server is trained not to read symlinks - but you can find that out quickly enough.
I am creating an image dynamically using php. The image is being created if I go in and make the file first. However, if I don't create the file manually then I get the following error.
Warning: imagegif() [function.imagegif]: Unable to open 'filename2.png' for writing in /www/vhosts/yourraceresults.com/htdocs/trial/TextToImage.inc.php on line 144
Example:
public function SaveTextAsPng($fontSize, $x, $y, $textContent, $fileName='image'){
imagestring($this->image, $fontSize, $x, $y, $textContent, $this->text_color);
return imagepng($this->image, "/www/vhosts/yourraceresults.com/htdocs/admin/trial/images/".$fileName.".png");
}
$textToImage->SaveTextAsPng(10, 11,11, 'fakeinfo','filename2');
Either the output folder do not exist (in which case you have to create it), or you do not have write permissions to the output folder. To fix this:
If you're using a shell:
chmod 777 /www/vhosts/yourraceresults.com/htdocs/trial
If you're using an FTP client:
Right click on the "trial" folder, search for something called "chmod", "rights", "permissions" (perhaps in "properties"), then give it every permission or, alternatively, enter chmod value 777.
It seems your web user (apache, www, ...) has not got write permissions in the folder you are trying to write to. Or, if the file already exists, it has not got write permissions for that file.
Edit: Changing the permissions
Supposing you are on a linux like system with an apache web-server, first you need to find out as which user your web-server is running. You need to get a command shell on the server (ssh) and then you can probably see the web-server user typing the following command:
$ ps aux | grep httpd
In the list you will see all running apache processes with the username in the first column.
Let´s say that the web-user is apache, you now need to give apache write permissions in that directory. You can do that by changing the group to apache and giving write permissions to that group or by changing the ownership of the directory to apache. Let´s say you want to change the group:
$ chgrp apache /www/vhosts/yourraceresults.com/htdocs/trial
Give the owner and the group users (apache) write permissions:
$ chmod 775 /www/vhosts/yourraceresults.com/htdocs/trial
Disclamer: this is a fast solution, but I don´t know much about the safety, comments are welcome!
Do you have properly setted rights for output dir? I'm think your web server (and php with it) can't write to destination folder.
It seems your script needs write permissions on that directory. An easy way to change these permissions is to login via FTP and change the permissions from your FTP client. Most (at least, of the few I've tried) FTP clients offer an option when you right-click a folder called "Permissions" or "File Attributes" (FileZilla) or something like that. It should show a dialog with different permissions checkboxes; make sure to give at least the Owner permission to write. If you are on a *nix host, you should be able to go to the directory and issue the command chmod 755 . to change the permissions.
EDIT: chmod 777 . will give you the most permissions, if 755 does not work.