I'm trying to upload a file to a virtual machine in Amazon. and i have some questions.
I think i have to give (777) permissions to my server folder to be able to upload my file. if i don't it won't work. is this ok?
is it secure to give those permissions?
You don't need to make the file's permissions 777 in order to be able to write it into a directory. Instead, the directory needs to have permission to be written to by the user.
If you are running apache, the process runs as the user www-data and wherever you are trying to write the file to, must have write permissions by this user. If you are writing to /var/www/my_file_uploads, then try this:
chown -R www-data:www-data /var/www/my_file_uploads
Note that by doing this, you will be preventing others on your home machine from reading the file as well (unless you explicitly permit it).
Related
I'm facing a problem with deleting video files from folder using php unlink() function , image are deleting but when trying deleting videos it says
unlink(file_path) : permission denied.
You (running your script as either through CLI or a webserver) need write access to the directory in which the files are located. so access to the file is not enough.
Your image directory would be different and writable for webserver or cli.
chmod("your/video/dir/path",0777);
try using above code before unlink the video in your script.
Edit: Looks like you are using Windows. Unfortunately, my answer is for Unix-like operating systems (so Linux, MacOS). You could try installing Bash extension for Win8+, but still I'm not sure if this would work. However, I'm keeping my answer in case of anyone with similar problem is looking here for an answer.
Changing permissions through PHP might work in some cases, but not always, because if you don't have permissions to delete the file you might also not have permissions to change them.
The best solution is to create a directory where you will keep files to which PHP will have full access. Let's call it dirname. Once you have created a directory, change its owner and group to the one corresponding to your web server user's name (if you're using Apache, it's "www-data"), for example: chown www-data:www-data dirname.
Once you've done that, change folder's permissions. My suggestion is 744, it will assure that user who owns it will have all permissions, and everyone else will be able only to read it. To do that, execute the following command: chmod -R 777 dirname.
Now you should be able to do anything you want with the files in given directory directly from PHP.
I guess this is just a permissions problem on AWS but I'm not very proficient at linux commands.
I've moved a site from another server to AWS and after a while, everything run perfect except for the PHP file uploads.
I have an User area where users can upload pictures to their profiles and perform some activities, that was working fine in the previous server.
But in AWS it doesn't save the uploaded file. My code return success on every validation I added to the file upload but the file doesn't get saved at the server.
I'm pretty sure it's a permissions issue, I've tried with the command
chown ec2-user /var/www/html
and also tried granting permission to root, but none of those have worked.
FTP works fine, just the uploads from the user's area are the ones that don't work.
could any of you help me to find a solution?
Thanks!
When using PHP to upload a file on the server, you have to grant the webserver write permission.
If you are using apache for example, you can run the following command :
chown apache:apache /var/www/html
chmod 775 /var/www/html
Also, the whole tree structure must be at least readable. You should have something like this :
drwxr-xr-x root:root /var
drwxr-xr-x root:root www
drwxr-xr-x apache:apache html
In Aws there are many things that you have to take in account.
1) Did you Install and Enable Some FTP Program , Make user accordingly and Gave Directory Access to that user.
(Because By Default you will only have SFTP Access to instance)
2) Did you Allow the PORT 21(ftp) in Security Group.
My code gets a permission denied error at the move_uploaded_file() function when I'm trying to save a file into a folder on my server (from the temp folder).
My user has full permissions across all the website directories and files. Is there an apache user that need permissions as well? How do I give permissions to this apache user?
If that isn't the case. Is there a way I can use the php chmod function to fix this problem?
Thanks for the help!
You are correct. The folder you need to move the file to doesn't need you to have permissions, it needs for the web server to have permissions.
Basically you need to figure out what account your web server is running as and give that user write permissions to the destination directory.
To figure out what your web server account name is, try the following command (assuming you're running Linux):
sudo lsof -i tcp:80
You should get back a bunch of lines with a USER column. One will be root, ignore that one. The other user listed is the user under which your web server is running. It's probably something like www or www-data or apache or the like.
After that, navigate to the parent directory of your upload directory and change it's ownership and permissions with the following command:
sudo chown www-data:www-data uploads
sudo chmod u+w uploads
At that point, your webserver user now has access to write to your uploads directory. If you have any trouble, post a comment and I'll try to help out.
I assume you gave the folder 777 permissions? The folder needs those permission.
I just setup a LAMP development server and am still trouble-shooting some things. The server is installed on one computer and I use a Windows laptop to write my code and test the site via the web browser.
My file uploading script works in that JPEG image files are successfully uploaded to the server, but when I try to view the images in the web browser, permission is denied.
I check the permissions on the file via the server and they are 600. I can fix the issue by chmod 777 theimage.jpg, but this doesn't seem like a good solution at all.
Does the solution have something to do with Apache configuration? Or is there something else I should be doing.
Thank-you,
Mike
Update
To clarify, I am able to upload a JPEG file to /var/www/test/images, but am unable to view the image in the web browser after it has been uploaded. My script works on the production server (I am using Dreamhost). This leads me to believe that the issue is with the development server that I have just setup. Any feedback is greatly appreciated, even if it is just resources that I should read for better understanding the server setup.
You need to change the permissions on the folder containing the file, not just the file itself. Use sudo chmod and sudo chown on the directory that contains the file you want to access, then check to make sure the permissions where changed with the ls -rl command. The permissions used with chmod should be r and w and the directory should read -rw-r--r-- when the ls -rl command is used if the permissions have been changed correctly. Also, if you are still unclear about the specifics of how chmod and chown work check out this link and this link.
EDIT:
Type this:
sudo chmod -R 666 /var/www/test/images
Or this:
sudo chmod a=rw /var/www/test/images
... to do what you want to do. For more explanation see my latest comment entry below.
I'd say you probably are running PHP under a different uid than Apache.
You can:
Configure apache/PHP so that they run under the same uid
Upon file upload, use PHP tochange the permissions with the chmod function or change the umask associated with the PHP process so that the file gets the correct permissions in the first place
Access the images through PHP (readfile) -- not recommended for performance issues
How should I handle image uploading using PHP?
How should I handle the chmod settings?
Example;
I have a dir called /image/ where i want to upload all my images.
Should I set this dir to chmod 777 and leave it like that? Or should i change chmod on that folder via PHP each time I need to upload a image. Is this correct, or should I be doing something else?
As thephpdeveloper mentioned, setting chmod once is enough. All subsequent writes into that directory will not change the directory permissions unless you explicitly chmod it to another permissions somewhere else.
The recommended permissions for directories on a *nix server is 755.
Setting permissions to 777 is not recommended. As mentioned by wic, it gives full permissions to everyone that have access to your server. Which makes it vulnerable if you are on shared hosting or sharing the server with other users.
Also to note is how PHP is run on your server. In fact, if you are running PHP as cgi, example suphp, permissions of 777 for directories are not allowed. Having 777 permissions on the directories your scripts reside in will not run and will instead cause a "500 internal server error" when attempting to execute them.
I recomend chmoding to 755
Only the user running the web server dameon needs permissions to the directory for writing. And you certainly don't want execute permissions on a directory users are uploading to.
Usually, folder settings are set once and that's it. It's rather pointless to keep setting the folder permissions to 777 via PHP, when you have already set it to 777.
No, you dont have to change the permissions on the directory each time. Once set, they are set so to speak.
Using 777 is overkill since it gives full permissions to everyone. Remove the 'x' bit and let apache (or whoever) own the directory. This makes it impossible to list files.