I'm using this PHP code below to create dynamic xml files.
...
$file_name = "";
$rss_feed_dir = $_SERVER['DOCUMENT_ROOT'] . '/xml/';
chmod($rss_feed_dir, 0777);
$file = $rss_feed_dir . $file_name . '.xml';
$file_handle = fopen($file, "w");
fwrite($file_handle, $xml);
fclose($file_handle);
The file will be created if the directory permissions are set 0777, and seems to fail at 0755. I've read on many sites that world execute permissions can pose a security risk.
Should I chmod back to 0755 at the end of this script?
Is there a better way to set the directory permissions?
I suspect it is because whichever directory your rss_feed_dir points to, is a directory owned by another user - other than the user that is being used to run your script.
So 755 permissions would exclude you from write access to the directory if your script is not running with the specified group or user. Which explains why you cannot do a write file command successfully when permissions were 755, but successful when 777.
If this php file is on a server and being called from the web, try modifying your directory ownership itself:
chown -R YOUR_USER:www-data YOUR_RSS_DIRECTORY_HERE
And then chmod to 775
Hope that helps!
Related
How do I set permissions for folders below 777?
mkdir(getcwd() . '/public/profile/usr'.$user->getId(), 0777, true);
mkdir(getcwd() . '/public/profile/usr'.$user->getId() . '/patients', 0777, true);
mkdir(getcwd() . '/public/profile/usr'.$user->getId() . '/picture', 0777, true);
Folder permissions for these are the type below:
drwxr-xr-x
And I want it set to:
drwxrwxrwx
Can you tell me please how to solve this problem?
First off, there is never a good reason to set folder or file permissions to 777. People that feel the need to do this usually either are blindly following a (bad) online tutorial or have an underlying security/permissions problem that they are unable to fix. Usually any uploading/writing problems can be fixed by setting the proper owner/group on the folder (usually the www-data or apache user), 777 means that anybody can write or execute anything in those folders. You're basically leaving your back door open and unlocked in a bad neighbourhood. Also see How will a server become vulnerable with chmod 777? for further details.
That being said, I've seen problems like this with mkdir() before, it is usually because of a certain umask on the system being set, forcing newly created folders to have 755 permissions. Doing a specific chmod() call will do the trick though:
mkdir(getcwd() . '/public/profile/usr'.$user->getId(), 0777, true);
chmod(getcwd() . '/public/profile/usr'.$user->getId(), 777);
// And so on...
But, the better solution: fix your permissions/security issue. Just set the proper owner (the process that PHP is running under), this will avoid having to set 777 permissions, but will allow proper upload handling. This should already be the default, but you can force it with:
// This will get the user the PHP process is running under on Linux machines:
$user = `whoami`;
mkdir(getcwd() . '/public/profile/usr'.$user->getId(), 0755, true);
chown(getcwd() . '/public/profile/usr'.$user->getId(), $user);
// And so on
This will set 755 permissions on the folder and set ownership to the PHP process, meaning that PHP has full permissions on the folder, but any other users do not. This is more secure, yet no less convenient.
The problem might also be caused by SELinux, in which case chmod 777 is not going to help you much anyway. Usually the httpd_public_content_rw_t context is required on upload folders.
Check this post: http://php.net/manual/de/function.mkdir.php
Answer from there...
When using the recursive parameter bear in mind that if you're using chmod() after mkdir() to set the mode without it being modified by the value of uchar() you need to call chmod() on all created directories. ie:
<?php
mkdir('/test1/test2', 0777, true);
chmod('/test1/test2', 0777);
?>
May result in "/test1/test2" having a mode of 0777 but "/test1" still having a mode of 0755 from the mkdir() call. You'd need to do:
<?php
mkdir('/test1/test2', 0777, true);
chmod('/test1', 0777);
chmod('/test1/test2', 0777);
?>
Here is one of the many possible ways of doing it:
<?php
$baseDir = getcwd() . '/public/profile/usr'. $user->getId();
$arrFolders = array('/patients', '/picture');
// FIRST chmod THE BASE DIRECTORY TO HAVE THE PERMISSIONS YOU WANT:
chmod($baseDir, 0777);
// LOOP THROUGH THE ARRAY OF FOLDERS YOU WANT TO CREATE & CREATE THEM WITH APPROPRIATE PERMISSIONS:
foreach($arrFolders as $folder){
try{
mkdir($baseDir . $folder, 0777, true);
}catch(Exception $e){
// HANDLE ANY EXCEPTION SHOULD ONE OCCUR...
}
}
I am trying to make a directory when a new account is created.
The directory should be in my images folder and is used to better separate uploaded images.
//get the ID of the new account that was just created/inserted
$accountID = mysqli_insert_id($dbc);
//create a new directory path for that account
$directoryPath = "../images/" . $accountID;
// check if the directory exists
if (!is_dir($directoryPath)) {
//create the directory
mkdir($directoryPath, 0777); //breaking here
}
I had no problem getting this to work a few days ago, however when testing it today I am having problems.
I have included ini_set('display_errors', 'On'); in my page to see what error I am being thrown and it is a permission error.
Warning: mkdir(): Permission denied
The images folder has full read/write permissions for all users and groups as well as any parent folders so I don't understand how that would be an issue, that and it had worked several times before.
I am working on windows if that matters.
Any ideas?
To avoid spending too much time on permissions problems between the CLI user and the Apache user, an easy configuration is to use same user for both processes.
Get your user id and group by doing
$ id
uid=1000(my_user), gid=1000(my_group), ...
And then:
$ sudo service apache2 stop
$ sudo vi /etc/apache2/envvars
export APACHE_RUN_USER=my_user
export APACHE_RUN_GROUP=my_group
$ sudo chown -R my_user /var/lock/apache2
it's better and safer than to change you whole directory permission to 777
I think you should try this -
mkdir("../images/".$accountID, 0777, 'R');
Recursive folder creation may causing the problem.
Also get more information from - mkdir
Also check for folder permission.
You have to be sure that the parent directory allows you to create folder, and not the folder it self that is being created with 0777 rights...
Also, check with which user the Apache server is launched
Check if directory is already exist before using mkdir()
if (!is_dir ($directoryPath) ) {
mkdir($directoryPath, 0777);
}
I am working on windows if that matters.
It does.
Try changing this
if (!is_dir($directoryPath)) {
//create the directory
mkdir($directoryPath, 0777); //breaking here
}
To this
if (!is_dir($directoryPath)) {
//create the directory
mkdir($directoryPath); //breaking here
}
You are on a Windows box so it will ignore the chmod mode. Also try using the full paths and not relative.
The mode is 0777 by default, which means the widest possible access.
For more information on modes, read the details on the chmod() page.
Note:mode is ignored on Windows.
http://php.net/manual/en/function.mkdir.php
I have folder hierarchy as Bucharest/Waterfall/a.php. My code snippet for making directory on server is as follows:
if(!is_dir($this->folder)){
$old_umask = umask(0);
mkdir($this->folder, 0777);
umask($old_umask);
}
chmod($this->folder, 0777);
// Moves current file to upload destination
if(move_uploaded_file($current['tmp_name'],$uploadFile))
return true;
All files are uploaded to the server. Now the issue is that the parent folder ,i.e. Bucharest has permission 755 while inner folder has permission 777. $this->folder has value as Bucharest/Waterfall. It gives 755 permission to Bucharest while 777 permission to waterfall. According to my code the 777 permission should also be given to Bucharest.
I have also tried chmod but all in vain. I want to give full permission to parent folder.
is_dir($this->folder); tells you that the file isn't a directory, not that it doesn't exist. and of course you can't mkdir if the directory is already there.
Also, if the directory already exists, according to the documentation chmod will not do anything if the user under which php is running isn't the same as the user who owns that directory.
Is the folder you are checking a subfolder already? If so, create the parent folders firts.
i.e.
mkdir('/tmp/test1/test2/test3/test4');
will fail if '/tmp/test1/test2/test3' doesn't exist
I have read this:-
Why can't PHP create a directory with 777 permissions?
and I can see a new folder being created by applying the following:-
// Desired folder structure
$structure = "../../../".$flash_dir."HELLO";
// To create the nested structure, the $recursive parameter
// to mkdir() must be specified.
$oldmask = umask(0);
mkdir($structure, 0777);
umask($oldmask);
when viewing the file permission of HELLO with DreamWeaver, it is 777. However, I suspect it is a Linux 0777 rather than a Windows 777, therefore I still cannot upload things to HELLO.
Will there be any alternative method to create a directory with windows 777? Thanks!
PS. when I manual create a new directory and right click it to set 777, it works perfectly, so I really think it's related to Linux vs Windows~
0777 is exactly the same thing as 777
But I still can't say what the problem is. I would try to chmod it again after you've created it.
$oldmask = umask(0);
chmod($structure, 0777);
umask($oldmask);
I am creating a directory and I am getting the error
Warning: chmod() [function.chmod]: No such file or directory in /home/www/public_html/console/pubs-add.php on line 104
The php file that is running the code is in www/console and the directory that I am trying to create is in www/images/gallery.
I have tried many variations of setting the path such as ../images/gallery or home/www but nothing seesm to work
define("PATH", "/www/images/gallery");
$dir = 'a1234';
$targetfilename = PATH . '/' . $dir;
if (!is_file($dir) && !is_dir($dir)) {
mkdir($dir); //create the directory
chmod($targetfilename, 0777); //make it writable
}
You mkdir command just uses $dir, which is just 'a1234' (in the current working directory). This will fail (and make the chmod fail too).
The solution: you probably want to prefix $dir with PATH...
Dear chmod() create some time problem. So i will suggest u that use this
mkdir("/path/to/my/dir", 0700);
if u want the created directory should be ready and wirtable then use this
mkdir("/path/to/my/dir", 0777);
The problem is that you cannot chmod a file that you haven't made. For that reason, I've changed the line
$task = chmod($targetfilename, 0777); //make it writable
to
$task = chmod($dir, 0755); //make folder writable
Tip: If you want a folder to be writable, chmod it to 755 and not 777. 777 is for files.
It makes the $dir in your current working directory, however, it doesn't mean that this equals your $targetfilename. I would say that you have to do mkdir($targetfilename) rather than mkdir($dir).