PHP File Upload failed to open stream - php

function uploadFile() {
    global $attachments;
    $success = false;
    foreach ($_FILES['images']['name'] as $key => $value) {
        if (!empty($value)) {
            // basename() drops any path component from the client-supplied name
            $filename = basename($value);
            // the array will be used later to attach the files and then remove them from the server
            array_push($attachments, $filename);
            $dir = "/home/blah/Music/$filename";
            chmod("/home/blah/Music", 0777);
            $success = copy($_FILES['images']['tmp_name'][$key], $dir);
        }
    }
    if ($success) {
        echo " Files Uploaded Successfully<BR>";
    } else {
        exit("Sorry the server was unable to upload the files...");
    }
}
Trying to upload a file and then send it as an attachment along with a mail using PHPMailer
Errors :
Warning: copy(/home/blah/Music/Aerial_view_of_Yamuna_Expressway.jpeg): failed to open stream: Permission denied in /opt/lampp/htdocs/UI/user/joinmeeting.php on line 292
Updated :
blah#my001server:~$ ls -la for /home/blah/Music
ls: cannot access for: No such file or directory
/home/blah/Music:
total 8
drwxr-xr-x 2 blah blah 4096 Jul 4 10:20 .
drwxr-xr-x 67 blah blah 4096 Sep 21 10:18 ..
Why is my Linux system not permitting me to copy the file?

Check permissions for target folder.
Set 777 and try again
$ chmod 777 folder
So as we see now, you don't set write permission on the Music folder.
Set it manually from the console, not from the PHP script.

Try with move_uploaded_file (http://php.net/manual/en/function.move-uploaded-file.php) instead of copy :
move_uploaded_file($_FILES['images']['tmp_name'][$key], $dir);

Ok your edit is a bit weird.
blah#my001server:~$ ls -la for /home/blah/Music
ls: cannot access for: No such file or directory
/home/blah/Music:
total 8
drwxr-xr-x 2 blah blah 4096 Jul 4 10:20 .
drwxr-xr-x 67 blah blah 4096 Sep 21 10:18 ..
That command is erroneous since it is actually:
blah#my001server:~$ ls -la /home/blah/Music
You should be running.
But OK, I see a problem. The file . which denotes the entire folder has no www-data permissions. This means that the default web user for your Linux distro probably does not have access to those files.
Since PHP runs under the web user www-data, Linux will not permit it to cp or vi or gedit (or anything else for that matter) anything it does not own.
You can try:
sudo chown www-data /home/blah/Music
Instead. This should give some permission to www-data to take control of files within the directory.
Of course this raises even bigger problems. Ideally you would want to disconnect any upload dir or anything from your actual web server due to security needs.
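
A hardened version of the multi-file upload loop discussed in this thread, as an added example that is not part of the original posts. The function name store_uploads, the size limit, the extension allow-list and the /srv/app-uploads path are assumptions; the directory is expected to sit outside the web root, be owned by the PHP user and be set up once from the console with mode 0750 rather than 0777.

```php
<?php
// Added example: store files from <input type="file" name="images[]" multiple>.
// $uploadDir is a hypothetical directory outside the document root.
function store_uploads(array $files, string $uploadDir, int $maxBytes = 5242880): array
{
    $allowed = ['jpg', 'jpeg', 'png', 'gif'];   // assumed allow-list
    $stored  = [];

    foreach ($files['name'] as $key => $clientName) {
        if ($files['error'][$key] === UPLOAD_ERR_NO_FILE) {
            continue;                            // empty form slot
        }
        if ($files['error'][$key] !== UPLOAD_ERR_OK) {
            throw new RuntimeException("Upload #$key failed with error code {$files['error'][$key]}");
        }
        if ($files['size'][$key] > $maxBytes) {
            throw new RuntimeException("Upload #$key exceeds the size limit");
        }

        // The client-supplied name is untrusted: strip any path component and
        // keep only an allow-listed extension; the stored name is random.
        $ext = strtolower(pathinfo(basename($clientName), PATHINFO_EXTENSION));
        if (!in_array($ext, $allowed, true)) {
            throw new RuntimeException("Upload #$key has a disallowed extension");
        }
        $target = $uploadDir . '/' . bin2hex(random_bytes(16)) . '.' . $ext;

        // move_uploaded_file() refuses any source that did not arrive as an HTTP POST upload.
        if (!move_uploaded_file($files['tmp_name'][$key], $target)) {
            throw new RuntimeException("Could not move upload #$key into $uploadDir");
        }
        chmod($target, 0640);                    // no execute bit, not world-readable
        $stored[basename($clientName)] = $target;
    }
    return $stored;
}

// Usage in the request handler (constructed path):
// $attachments = store_uploads($_FILES['images'], '/srv/app-uploads');
```

The returned map of original name to stored path can be handed to the mailer for attaching and then used to delete the files afterwards.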

Related

Permissions problems with proc_open

I'm having permissions problems when running the following PHP script as root:
#!/usr/bin/php
<?php
$ph = proc_open('whoami', [['pipe','r'],['pipe','w'],['file','/tmp/foo.bar', 'w']], $fds);
if ($ph) {
    echo 'command output: ' . stream_get_contents($fds[1]);
    proc_close($ph);
} else {
    echo 'proc_open failed' . PHP_EOL;
}
The script itself runs fine if /tmp/foo.bar doesn't exist, or is owned by root. But if ownership is changed to another user, proc_open will fail regardless of permissions on the file.
SELinux is disabled, and we are not using ACLs. I'm using PHP 7.4.33 (I know it's old and unsupported, but it's a requirement for FreePBX) on Alma Linux 9.1.
Output:
$ ./test.php
command output: root
$ ls -lah /tmp/
total 12K
drwxrwxrwt. 18 root root 4.0K Dec 14 16:57 .
dr-xr-xr-x. 18 root root 4.0K Dec 14 16:48 ..
-rw-r--r-- 1 root root 0 Dec 14 16:57 foo.bar
$ chown admin /tmp/foo.bar
$ ./test.php
proc_open failed
$ chmod 777 /tmp/foo.bar
$ ./test.php
proc_open failed
$ ls -lah /tmp/
total 12K
drwxrwxrwt. 18 root root 4.0K Dec 14 16:57 .
dr-xr-xr-x. 18 root root 4.0K Dec 14 16:48 ..
-rwxrwxrwx 1 admin root 0 Dec 14 16:57 foo.bar
$ tail -2 /var/log/php.log
[14-Dec-2022 16:57:17 America/Toronto] PHP Warning: proc_open(/tmp/foo.bar): failed to open stream: Permission denied in /test.php on line 3
[14-Dec-2022 16:57:28 America/Toronto] PHP Warning: proc_open(/tmp/foo.bar): failed to open stream: Permission denied in /test.php on line 3
Even disregarding the fact that I'm root, group permissions should allow me full access to the file. So what's going on?
This is due to the permissions on the /tmp directory. When PHP tries to open the file for writing, it gets the EACCES error. From the documentation of open(2):
EACCES
Where O_CREAT is specified, the protected_fifos or protected_regular sysctl is enabled, the file already exists and is a FIFO or regular file, the owner of the file is neither the current user nor the owner of the containing directory, and the containing directory is both world- or group-writable and sticky. For details, see the descriptions of /proc/sys/fs/protected_fifos and /proc/sys/fs/protected_regular in proc(5).
/tmp has the sticky bit set so that anyone can create files there, but users can only delete their own files. Although root can bypass this deletion restriction, it can't bypass the above check in open().
Ok I tried this in a different directory than /tmp, as suggested in comments, and it worked as expected. Using that to hone my search terms I was able pretty quickly to find this U&L answer. Beginning with kernel 4.19 the fs.protected_regular kernel parameter was made available. This parameter:
Disallows open of FIFOs or regular files not owned by the user in world writable sticky directories, unless the owner is the same as that of the directory or the file is opened without the O_CREAT flag. The purpose is to make data spoofing attacks harder.
Apparently it's enabled by default. So because /tmp is world-writable and sticky, I can't touch files that aren't mine – even if I'm root. For the record, if I have to disable this feature:
sysctl fs.protected_regular=0
echo 'fs.protected_regular=0' > /etc/sysctl.d/90-writabletemp.conf
But I'll be better off trying to work around it in the code somehow.
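
The kernel check behind this failure, written out as an added example rather than code from the thread, so a script can tell in advance whether an open with O_CREAT will be refused. The function names and the log path are hypothetical, the posix extension is assumed, and the effective UID stands in for the filesystem UID the kernel actually compares.

```php
<?php
// Added example (not from the thread): evaluates the open(2) EACCES condition
// quoted above for a path about to be opened with O_CREAT, which is what
// fopen() modes w/a/c and a ['file', $path, 'w'] proc_open() descriptor do.
function blocked_by_protected_regular(string $path, ?int $sysctl = null): bool
{
    if ($sysctl === null) {            // read the live setting unless one is passed in
        $raw    = @file_get_contents('/proc/sys/fs/protected_regular');
        $sysctl = ($raw === false) ? 0 : (int) trim($raw);
    }
    clearstatcache();
    $real = realpath($path);           // false when the file does not exist yet
    if ($sysctl < 1 || $real === false || !is_file($real)) {
        return false;                  // feature off, or a fresh file would be created
    }
    $file = stat($real);
    $dir  = stat(dirname($real));
    if ($file === false || $dir === false) {
        return false;
    }
    $sticky        = ($dir['mode'] & 01000) !== 0;
    $worldWritable = ($dir['mode'] & 00002) !== 0;
    $groupWritable = ($dir['mode'] & 00020) !== 0;

    if (!$sticky
        || $file['uid'] === $dir['uid']        // file owned by the directory owner
        || $file['uid'] === posix_geteuid()) { // file owned by the caller
        return false;
    }
    // Value 1 covers world-writable sticky directories, value 2 also group-writable ones.
    return $worldWritable || ($groupWritable && $sysctl >= 2);
}

// Hypothetical helper: build the stderr entry for proc_open(), refusing a
// pre-existing file that another user placed in a shared sticky directory.
function stderr_descriptor(string $path): array
{
    if (blocked_by_protected_regular($path)) {
        throw new RuntimeException("$path exists, is not ours, and sits in a sticky shared directory");
    }
    return ['file', $path, 'w'];
}

// Usage (constructed path in a directory owned by the service, not /tmp):
// $ph = proc_open('whoami', [['pipe', 'r'], ['pipe', 'w'], stderr_descriptor('/var/log/myapp/stderr.log')], $fds);
```

Keeping such files in a directory that only the service can write to avoids the condition entirely and leaves fs.protected_regular enabled.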

fopen() works properly in a debug session, but doesn't work when I call the file through the browser

I'm new to PHP and just faced the problem with creating and opening a file with fopen(). Here is my code:
<?php
$new_file = fopen('file.txt', 'w') or die("Cannot create a file");
$text = <<<_END
Line 1
Line 2
Line 3
_END;
fwrite($new_file, $text) or die('Cannot write to the file');
fclose($new_file);
When I try to run the file by opening it in the browser I see the next message: 'Cannot create a file'. But when I start debug session everything works as it is supposed to. I suspect that there is some issue with permissions and XDebug uses root access unlike the usual interpreter?
To set write and read permission:
chown -R www-data:www-data /var/www/dicrctoy
chmod -R 775 /var/www/dicrctoy
I have tested in my local environment; no error was found.
If you're using a Mac you should check the file permission.
Use the chmod command to change permission.
What is the meaning of chmod 777?
readable, writable and executable
Setting 777 permissions to a file or directory means that it will be readable, writable and executable by all users
To solve this problem, I first needed to check the PHP user with the following command:
<?php echo `whoami`; ?>
It outputs:
www-data
This is the default PHP user. Next I checked the owner of the folder with this command:
ls -dl /var/www/html/test
It outputs:
drwxrwxr-x 2 username username 4096 Jun 26 12:49
Next I set permissions for the PHP user by running:
sudo chown -R www-data /var/www/html/test
Checking once again if the owner changed
ls -dl /var/www/html/test
And now it outputs
drwxrwxr-x 2 www-data username 4096 Jun 26 12:55
Done. Now I'm able to create and write to the file.
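
The manual check in the answer above (which user PHP runs as, who owns the directory) can also be done from inside PHP. This added example, not code from the thread, reports which permission class the kernel applies to the running process; the function name write_access_report is hypothetical, the posix extension is assumed, and ACLs and SELinux are not considered.

```php
<?php
// Added example (not from the thread): why can or can't this process create
// files in $dir? Considers the classic owner/group/other bits only.
function write_access_report(string $dir): array
{
    clearstatcache();
    $st = is_dir($dir) ? stat($dir) : false;
    if ($st === false) {
        throw new InvalidArgumentException("$dir is not an accessible directory");
    }
    $euid   = posix_geteuid();
    $groups = array_merge([posix_getegid()], posix_getgroups() ?: []);

    // The kernel checks exactly one class: owner first, then group, then other.
    if ($euid === $st['uid']) {
        [$class, $shift] = ['owner', 6];
    } elseif (in_array($st['gid'], $groups, true)) {
        [$class, $shift] = ['group', 3];
    } else {
        [$class, $shift] = ['other', 0];
    }
    $bits = ($st['mode'] >> $shift) & 07;

    // Creating a file needs write (2) and search (1) on the directory; root bypasses this.
    $canCreate = $euid === 0 || ($bits & 03) === 03;

    return [
        'process_user' => posix_getpwuid($euid)['name'] ?? (string) $euid,
        'dir_owner'    => posix_getpwuid($st['uid'])['name'] ?? (string) $st['uid'],
        'dir_group'    => posix_getgrgid($st['gid'])['name'] ?? (string) $st['gid'],
        'dir_mode'     => sprintf('%04o', $st['mode'] & 07777),
        'class'        => $class,
        'can_create'   => $canCreate,
    ];
}

// Usage, with the directory from the answer above:
// print_r(write_access_report('/var/www/html/test'));
```

When the class is "other" and can_create is false, changing the directory's owner or group to the PHP user, as the answer does with chown, grants access without opening the directory to every account.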

PHP, Apache, FreeBSD permissions issue

Presumably, this is a *nix permissions question. I'm a Java dev trying to write some simple PHP code. We have a production machine running FreeBSD+Apache.
I'm trying to create a directory called 'ccc' as in '/var/www/aaa/bbb/ccc'
Directories 'aaa' and 'bbb' already exist.
This is ls -ltrh output for directory 'aaa':
drwxr-xr-x 7 root root 12K Jun 10 05:27 aaa
This is ls -ltrh output for directory 'bbb':
drwxr-xr-x 3557 858 856 116K May 28 06:15 bbb
This PHP code does not create the directory '/var/www/aaa/bbb/ccc'. Says 'mkdir FAILED'.
<?php
$path = "/var/www/aaa/bbb/ccc";
if(!file_exists($path)) {
    echo "Path does not exist, creating [".$path."]...";
    if(mkdir($path, 0777, true)) {
        echo "mkdir PASSED...";
    }
    else {
        echo "mkdir FAILED...";
    }
}
else {
    echo "Path does exist[".$path."]...";
}
?>
This is ls -ltrh output for the php code:
-rw-r--r-- 1 root root 366 Jun 10 07:14 mdtest.php
How can I create the directory 'ccc'? Any pointers would be appreciated.
So the problem is that your Apache web server does not have write permission to /var/www/aaa/bbb. I don't know BSD; in Debian, Apache runs under the www-data user. So you have to change the owner of /var/www/aaa/bbb to the Apache user.
Run chown -hR apache /var/www
You may set all to write permission: chmod a+rw /var/www/aaa/bbb

how to permission uploaded file correctly

I have an upload script that uploads a zip file to a directory on my website, it then unzips the file and creates a directory for each file uploaded.
drwxrwxrwx 7 Fabulous admin 238 12 Jan 18:20 .
drwxrwxrwx 39 Fabulous admin 1326 12 Jan 12:28 ..
-rwxr--r--# 1 Fabulous admin 15364 12 Jan 18:21 .DS_Store
drwxr-xr-x 4 nobody admin 136 12 Jan 18:20 2012_06
drwxr-xr-x 4 nobody admin 136 12 Jan 18:20 2012_07
-rwxr--r-- 1 Fabulous admin 2904 31 Oct 16:11 index.php
I have another PHP script that runs which copies the files in the directories 2012_06 and 2012_07 which were created by the upload script. Everything is working fine via the browser. However I am trying to automate the process via the command line using the unix command line to call the scripts.
The problem is the script runs if I change ownership of the directories to Fabulous by using the following commands
cd upload
sudo chown -R Fabulous:admin .
However when I do this then my upload script index.php no longer has permission access to upload files to the upload directory unless I change ownership back to nobody.
Error Message
Warning:
rename(/htdocs/data_vis/upload/2012_06/Audit_Log.csv,htdocs/data_vis/data_out/2012_06_Audit_Log.csv): Permission denied in
/htdocs/data_vis/rename_files_in_sdir_with_sdir_name_prefix.php on line 27
Any suggestions/advice or fixes on what I should be doing or the correct way to resolve this via permissioning or any other method are welcome. Thanks in advance.
Either add them both to a group, or have the file owned by nobody and group-owned by Fabulous. You don't need it to be admin; root can access everything anyway.
The easiest way to make sure the group stays the same is using sticky bits.
If /path/to/dir is owned by the correct group,
chmod g+s /path/to/dir
will make it so all new folders under /path/to/dir, e.g. /path/to/dir/1, are owned by the same group as /path/to/dir instead of the user's default group.
https://superuser.com/questions/102253/how-to-make-files-created-in-a-directory-owned-by-directory-group
Then both your web application and your cron script should be OK without modifying the code.
I used the following to change ownership of the files in the directory so the other scripts can use the files.
<?php
// File name and username to use
$file_name= "foo.php";
$path = "/home/sites/php.net/public_html/sandbox/" . $file_name ;
$user_name = "fred";
// Set the user
chown($path, $user_name);
// Check the result
$stat = stat($path);
print_r(posix_getpwuid($stat['uid']));
?>

zend framework: can not access file that is already there

I am trying to read and post back to the browser a file uploaded with the zend framework mechanism.
The file has been uploaded correctly to the desired location and as I have checked by
su www-data
and after an ls and a cat, the web user can read it and modify it properly.
the problem is that inside a controller when I try to:
if(!file_exists($fileName)) {
    die("File ($fileName) wasnt set or it didnt exist");
}
I am always getting to die(...), although the $fileName is a string and when I display its location I can always (as stated before) read it from the command line.
ls output:
$ ls -lah
total 112K
drwxr-xr-x 2 www-data www-data 4.0K 2009-10-07 18:21 .
drwxr-xr-x 3 www-data www-data 4.0K 2009-10-07 13:57 ..
-rw-r--r-- 1 www-data www-data 70K 2009-10-07 17:33 Eclipse_Icon_by_TZR_observer.png
-rw-r--r-- 1 www-data www-data 27K 2009-10-07 18:24 eclipse_logo2.png
Stat output:
stat() [function.stat]: stat failed for .../eclipse_logo2.png
I saw a very similar question to the "try for 30 days" site, so it is not something that has happened to me...
Any ideas?
You have to chmod the newly created file because the file owner created from PHP side will be Apache (group: www-data, httpd, www, or something similar). So next time PHP cannot access the file because www-data owns it and it has wrong permissions.
Here's how you create new files so that you can access them later.
<?php
$path = '/path/to/new/file';
touch($path);
chmod($path, 0777);
// TRY to change group, this usually fails
#chgrp($path, filegroup(__FILE__));
// TRY to change owner, this usually fails
#chown($path, fileowner(__FILE__));
