I've a social network that I'm building a mobile site for. It's pretty much finished although I'm struggling to mkdir when a user creates an account on the mobile site in the overall host root. Is it possible?
I tried this:
mkdir("http://www.domain.com/image/".$mid, 0777);
mkdir("http://www.domain.com/image/".$mid."/temp", 0777);
mkdir("http://www.domain.com/image/".$mid."/preview", 0777);
umask($oldumask);
copy('http://www.domain.com/images/default.png', 'http://www.domain.com/image/'.$mid.'/default.png');
copy('http://www.domain.com/images/default.png', 'http://www.domain.com/image/'.$mid.'/thumb-default.png');
But unsurprisingly it didn't work. How can I go back to the host root of the site, not the domain root? Is it possible? Any suggestions?
See the DIR layout example here:
Echo __DIR__ (dirname(__FILE__) for PHP below 5.3) in your index.php (or any other file that covers its base). It should return the full path from the server root to index.php. mkdir needs the server root, not the browser root.
Related
I'm using a new server host and $_SERVER["DOCUMENT_ROOT"] is not working because returns a different path than the real one.
Example, I added includes/inc.php to the public_html folder on the server and used this code:
include_once($_SERVER["DOCUMENT_ROOT"] . DIRECTORY_SEPARATOR . 'includes' . DIRECTORY_SEPARATOR . 'inc.php');
This is the result:
Warning: include_once(/var/www/html/includes/inc.php): failed to open stream: No such file or directory in /home/tom_server/public_html/index.php on line 4
$_SERVER["DOCUMENT_ROOT"] is returning something unexpected. If I use dirname(__FILE__) it returns the right path:
/home/tom_server/public_html/includes/inc.php
But dirname(__FILE__) is not a useful solution as I need main root folder for relative paths. Is this a server configuration issue?
/home/<username>/public_html is the default user's web content directory used by apache if this feature is enabled.
When activated, the usual intended use of such personal directories is to store some static pages (cv, personal page in the company/institution...) and small dev/tests for easy access without having to configure anything. I used them a lot for students when I worked in a university a very long while ago so they could store and share their assignments.
When this feature is enabled, the pages in personal directories are served by the default webserver/virtual host, for which the document root is configured to /var/www/html by default on most linux distributions.
If you want to have a document root starting at the root of your php application, you can:
Fast and easy but ugly: move your application files to /var/www/html
Single user/app solution: modify the default webserver to point to your app (in place or in a new folder).
Prefered: use a dedicated folder for your app and configure a new Virtual Host in apache
If you do not have access to your server configuration and can only publish your files in your current user web directory, well... I have a bad news: you will not be able to use DOCUMENT_ROOT anymore in this context.
Details for configuring apache are beyond the scope of your question and probably belong to an other stackexchange site.
I'm working on small project, and will host it on normal Godaddy host plan, the problem is: all file system will be accessible through internet.
so, how can I prevent access to any folder or file except /public
CONTRIBUTING.md
app/
artisan
bootstrap/
composer.json
composer.lock
phpunit.xml
public/
server.php
vendor/
thanks,
Why not split the project up? Upload the contents of public to your document root and the rest somewhere else (like your home directory). Then just modify the two paths in the public/index.php file to point to the right locations, eg
$path = __DIR__ . '/../my-app';
require $path . '/bootstrap/autoload.php';
$app = require_once $path . '/bootstrap/start.php';
If you point your apache site document root to /public, there is no way people can access any other file in your application outside your public. Even if they try to do things like:
http://yoursite.com/../
EDIT:
This is not something you should rely on a framework to do, securing directories on your site is the web server job, so you need to find a solution on your server: virtual host, document root, web root, domain directory or even .htaccess configuration.
In some shared hosting companies you can do that easily, some have cPanel or Plesk, but other, like Hostgator, will give you just enough configuration so you can change your directory root to /public. Looks like GoDaddy doesn't help much if you don't have a cPanel account, but, still, there are tricks to help you doing it the way you should be doing: http://support.godaddy.com/help/article/4067/setting-up-a-non-web-accessible-root-folder. Probably there are others around.
how can i know where is my web root folder ?
and how to put folders out of web root folder?
and how to test that they are not accessible from outside ?
the structure of my hosting is like this:
www.website.com :
public_html/
includes /
logs/
...
is it enough to protect includes folder and logs folder with htaccess? and are they out of web root in this case?
i know that $server[document root] provide the root of my website , but i am confused about how to put files out of it , any help would be welcome , thanks for all
All your files are currently in the public web root folder.
The 'inside' of your root is your publichtml/. Everything you place in there will be publicly accessible.
The name of your root can vary from host to host, often public_html or httpdocs.
The 'outside' is one directory up. But remember some hosts do not give enough permissions.
You cannot test documents outside your root, because they are not accessible. Only something like PHP can access those files. That's why you do not place your img/JS/CSS files outside the root cause they need direct access.
You can however serve them through your PHP.
I have a domain root which is a folder within the server root. How can I mkdir inside a different folder within the domain root?
ROOT > DOMAIN ROOT FOLDER > PHP MKDIR
ROOT > IMAGE FOLDER > MKDIR HERE
I need the php in the 'domain root folder' to create a directory within the 'image folder'. Any help?
You can usually do something like this:
mkdir('../images/newfolder');
You may have to add more ../../ on to the front of this, depending on where you are running the script from exactly. Each ../ moves you up another level, so it seems like just one would work here given your example, but you have to be sure you are where you think you are.
You could also use absolute path in your php-script.
mkdir('/root/images/new_folder');
Make sure that your web-server has permissions for writing to specific folder.
I usally work from the directory my current script is located in and maneuver my way to the desired location from there. Works fine as long as you don't move you script. In addition, it will be easier to keep track of where everything is relative to the script.
You can get the current path with:
$path = dirname(__FILE__);
Then appending ../ to go deeper etc.
I have a file which is in project folder my wampserver www directory and I want to create a path to this file in my PHP script. I am not sure what is right in accomplishing this as I have seen the use of "./", "../" and the full root directory of "c:/...." I foresee a situation where the use of C: would restrict the usage of the path to only that local machine and I therefore want to use the wamp's root which is www.
To get the document root just read it from the $_SERVER-superglobal.
echo $_SERVER['DOCUMENT_ROOT'];