In PHP scripts, whether calling include(), require(), fopen(), or their derivatives such as include_once, require_once, or even, move_uploaded_file(), one often runs into an error or warning:
Failed to open stream : No such file or directory.
What is a good process to quickly find the root cause of the problem?
There are many reasons why one might run into this error and thus a good checklist of what to check first helps considerably.
Let's consider that we are troubleshooting the following line:
require "/path/to/file"
Checklist
1. Check the file path for typos
either check manually (by visually checking the path)
or move whatever is called by require* or include* to its own variable, echo it, copy it, and try accessing it from a terminal:
$path = "/path/to/file";
echo "Path : $path";
require "$path";
Then, in a terminal:
cat <file path pasted>
2. Check that the file path is correct regarding relative vs absolute path considerations
if it is starting by a forward slash "/" then it is not referring to the root of your website's folder (the document root), but to the root of your server.
for example, your website's directory might be /users/tony/htdocs
if it is not starting by a forward slash then it is either relying on the include path (see below) or the path is relative. If it is relative, then PHP will calculate relatively to the path of the current working directory.
thus, not relative to the path of your web site's root, or to the file where you are typing
for that reason, always use absolute file paths
Best practices :
In order to make your script robust in case you move things around, while still generating an absolute path at runtime, you have 2 options :
use require __DIR__ . "/relative/path/from/current/file". The __DIR__ magic constant returns the directory of the current file.
define a SITE_ROOT constant yourself :
at the root of your web site's directory, create a file, e.g. config.php
in config.php, write
define('SITE_ROOT', __DIR__);
in every file where you want to reference the site root folder, include config.php, and then use the SITE_ROOT constant wherever you like :
require_once __DIR__."/../config.php";
...
require_once SITE_ROOT."/other/file.php";
These 2 practices also make your application more portable because it does not rely on ini settings like the include path.
3. Check your include path
Another way to include files, neither relatively nor purely absolutely, is to rely on the include path. This is often the case for libraries or frameworks such as the Zend framework.
Such an inclusion will look like this :
include "Zend/Mail/Protocol/Imap.php"
In that case, you will want to make sure that the folder where "Zend" is, is part of the include path.
You can check the include path with :
echo get_include_path();
You can add a folder to it with :
set_include_path(get_include_path().":"."/path/to/new/folder");
4. Check that your server has access to that file
It might be that all together, the user running the server process (Apache or PHP) simply doesn't have permission to read from or write to that file.
To check under what user the server is running you can use posix_getpwuid :
$user = posix_getpwuid(posix_geteuid());
var_dump($user);
To find out the permissions on the file, type the following command in the terminal:
ls -l <path/to/file>
and look at permission symbolic notation
5. Check PHP settings
If none of the above worked, then the issue is probably that some PHP settings forbid it to access that file.
Three settings could be relevant :
open_basedir
If this is set PHP won't be able to access any file outside of the specified directory (not even through a symbolic link).
However, the default behavior is for it not to be set in which case there is no restriction
This can be checked by either calling phpinfo() or by using ini_get("open_basedir")
You can change the setting either by editing your php.ini file or your httpd.conf file
safe mode
if this is turned on restrictions might apply. However, this has been removed in PHP 5.4. If you are still on a version that supports safe mode upgrade to a PHP version that is still being supported.
allow_url_fopen and allow_url_include
this applies only to including or opening files through a network process such as http:// not when trying to include files on the local file system
this can be checked with ini_get("allow_url_include") and set with ini_set("allow_url_include", "1")
Corner cases
If none of the above enabled to diagnose the problem, here are some special situations that could happen :
1. The inclusion of library relying on the include path
It can happen that you include a library, for example, the Zend framework, using a relative or absolute path. For example :
require "/usr/share/php/libzend-framework-php/Zend/Mail/Protocol/Imap.php"
But then you still get the same kind of error.
This could happen because the file that you have (successfully) included, has itself an include statement for another file, and that second include statement assumes that you have added the path of that library to the include path.
For example, the Zend framework file mentioned before could have the following include :
include "Zend/Mail/Protocol/Exception.php"
which is neither an inclusion by relative path, nor by absolute path. It is assuming that the Zend framework directory has been added to the include path.
In such a case, the only practical solution is to add the directory to your include path.
2. SELinux
If you are running Security-Enhanced Linux, then it might be the reason for the problem, by denying access to the file from the server.
To check whether SELinux is enabled on your system, run the sestatus command in a terminal. If the command does not exist, then SELinux is not on your system. If it does exist, then it should tell you whether it is enforced or not.
To check whether SELinux policies are the reason for the problem, you can try turning it off temporarily. However be CAREFUL, since this will disable protection entirely. Do not do this on your production server.
setenforce 0
If you no longer have the problem with SELinux turned off, then this is the root cause.
To solve it, you will have to configure SELinux accordingly.
The following context types will be necessary :
httpd_sys_content_t for files that you want your server to be able to read
httpd_sys_rw_content_t for files on which you want read and write access
httpd_log_t for log files
httpd_cache_t for the cache directory
For example, to assign the httpd_sys_content_t context type to your website root directory, run :
semanage fcontext -a -t httpd_sys_content_t "/path/to/root(/.*)?"
restorecon -Rv /path/to/root
If your file is in a home directory, you will also need to turn on the httpd_enable_homedirs boolean :
setsebool -P httpd_enable_homedirs 1
In any case, there could be a variety of reasons why SELinux would deny access to a file, depending on your policies. So you will need to enquire into that. Here is a tutorial specifically on configuring SELinux for a web server.
3. Symfony
If you are using Symfony, and experiencing this error when uploading to a server, then it can be that the app's cache hasn't been reset, either because app/cache has been uploaded, or that cache hasn't been cleared.
You can test and fix this by running the following console command:
cache:clear
4. Non ACSII characters inside Zip file
Apparently, this error can happen also upon calling zip->close() when some files inside the zip have non-ASCII characters in their filename, such as "é".
A potential solution is to wrap the file name in utf8_decode() before creating the target file.
Credits to Fran Cano for identifying and suggesting a solution to this issue
To add to the (really good) existing answer
Shared Hosting Software
open_basedir is one that can stump you because it can be specified in a web server configuration. While this is easily remedied if you run your own dedicated server, there are some shared hosting software packages out there (like Plesk, cPanel, etc) that will configure a configuration directive on a per-domain basis. Because the software builds the configuration file (i.e. httpd.conf) you cannot change that file directly because the hosting software will just overwrite it when it restarts.
With Plesk, they provide a place to override the provided httpd.conf called vhost.conf. Only the server admin can write this file. The configuration for Apache looks something like this
<Directory /var/www/vhosts/domain.com>
<IfModule mod_php5.c>
php_admin_flag engine on
php_admin_flag safe_mode off
php_admin_value open_basedir "/var/www/vhosts/domain.com:/tmp:/usr/share/pear:/local/PEAR"
</IfModule>
</Directory>
Have your server admin consult the manual for the hosting and web server software they use.
File Permissions
It's important to note that executing a file through your web server is very different from a command line or cron job execution. The big difference is that your web server has its own user and permissions. For security reasons that user is pretty restricted. Apache, for instance, is often apache, www-data or httpd (depending on your server). A cron job or CLI execution has whatever permissions that the user running it has (i.e. running a PHP script as root will execute with permissions of root).
A lot of times people will solve a permissions problem by doing the following (Linux example)
chmod 777 /path/to/file
This is not a smart idea, because the file or directory is now world writable. If you own the server and are the only user then this isn't such a big deal, but if you're on a shared hosting environment you've just given everyone on your server access.
What you need to do is determine the user(s) that need access and give only those them access. Once you know which users need access you'll want to make sure that
That user owns the file and possibly the parent directory (especially the parent directory if you want to write files). In most shared hosting environments this won't be an issue, because your user should own all the files underneath your root. A Linux example is shown below
chown apache:apache /path/to/file
The user, and only that user, has access. In Linux, a good practice would be chmod 600 (only owner can read and write) or chmod 644 (owner can write but everyone can read)
You can read a more extended discussion of Linux/Unix permissions and users here
Look at the exact error
My code worked fine on all machines but only on this one started giving problem (which used to work find I guess). Used echo "document_root" path to debug and also looked closely at the error, found this
Warning:
include(D:/MyProjects/testproject//functions/connections.php):
failed to open stream:
You can easily see where the problems are. The problems are // before functions
$document_root = $_SERVER['DOCUMENT_ROOT'];
echo "root: $document_root";
include($document_root.'/functions/connections.php');
So simply remove the lading / from include and it should work fine. What is interesting is this behaviors is different on different versions. I run the same code on Laptop, Macbook Pro and this PC, all worked fine untill. Hope this helps someone.
Copy past the file location in the browser to make sure file exists. Sometimes files get deleted unexpectedly (happened with me) and it was also the issue in my case.
Samba Shares
If you have a Linux test server and you work from a Windows Client, the Samba share interferes with the chmod command. So, even if you use:
chmod -R 777 myfolder
on the Linux side it is fully possible that the Unix Group\www-data still doesn't have write access. One working solution if your share is set up that Windows admins are mapped to root: From Windows, open the Permissions, disable Inheritance for your folder with copy, and then grant full access for www-data.
Add script with query parameters
That was my case. It actually links to question #4485874, but I'm going to explain it here shortly.
When you try to require path/to/script.php?parameter=value, PHP looks for file named script.php?parameter=value, because UNIX allows you to have paths like this.
If you are really need to pass some data to included script, just declare it as $variable=... or $GLOBALS[]=... or other way you like.
Aside from the other excellent answers, one thing I overlooked on Windows while writing a simple script: This error will be shown when trying to open a file with characters that Windows does not support in file names.
For example:
$file = fopen(date('Y-m-d_H:i:s'), 'w+');
Will give:
fopen(2022-06-01_22:53:03): Failed to open stream: No such file or directory in ...
Windows does not like : in file names, as well as a number of other characters.
The following PHP settings in php.ini if set to non-existent directory can also raise
PHP Warning: Unknown: failed to open stream: Permission denied in
Unknown on line 0
sys_temp_dir
upload_tmp_dir
session.save_path
PHP - Failed to open stream : No such file or directory in mac
For example I will upload a picture. But I am getting this error. First thing i will do right click on the image and get info.
$thePathOfMyPicture = "/Users/misstugba/Desktop/";
use with function
if(move_uploaded_file($_FILES["file"]["tmp_name"],$thePathOfMyPicture.$_FILES["file"]["name"])){
echo "image uploaded successfully";
}
For me I got this error because I was trying to read a file which required HTTP auth, with a username and password. Hope that helps others. Might be another corner case.
Edit
You can check if this type of authentication is present by inspecting the headers:
$file_headers = get_headers($url);
if (!$file_headers) echo 'File headers missing';
else if (strpos($file_headers[0], '401 Unauthorized') > -1) echo '401 Unauthorized';
In PHP, start Apache then write you DB name and password if exist in your environment(.env).
I know this is a common issue but I haven't been able to single out the problem for my specific use case, so bear with me.
I have a simple PHP script send_id which simply sends an ID number and saves it to a TXT file on my RHEL server running Apache 2.4.6 with PHP 5.4.
The error message: Warning: file_put_contents(/var/www/html/id.txt): failed to open stream: Permission denied in /var/www/html/send_id.php on line 6
'1' written to server
The PHP script itself:
<?php
$id=$_GET['id'];
$stringData = "$id";
$file = file_put_contents('/var/www/html/id.txt', $stringData.PHP_EOL , FILE_APPEND |LOCK_EX);
echo "'$stringData' written to server";
?>
chmodding to 777 didn't do anything. Additionally, I checked to see ownership rights and noticed that the id.txt file is owned by the root user at both user/group level, and PHP is being run at root level.
Anyone have any suggestions? If its any help, this seems to have happened after a yum update
I resolved this issue by simply running chcon -Rt httpd_sys_content_rw_t on the directory where my troubled PHP script lived in.
The chcon command changes the SELinux context for files. However, changes made with the chcon command are not persistent across file-system relabels, or the execution of the restorecon command.
-Rt are to change the type of the directory and its contents, httpd_sys_content_rw_t is to give apache write access
source: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/selinux_users_and_administrators_guide/sect-security-enhanced_linux-working_with_selinux-selinux_contexts_labeling_files
Additional note
ls -alZ *
The -Z switch will work with most utilities to show SELinux security contexts
Try changing the owner of the folder and the file to (chown) to "www-data" or to "www-data:www-data" and see if it changes anything...
Use a relative file path from, Apache's "DOCUMENT ROOT" to reference files in PHP. It's Apache's permissions that matter, and for security reasons it is coded to inhibit access to files outside of DOCUMENT_ROOT.. (yes even though your path leads within it, Apache is blocked as soon as it sees the path starts with "/VAR" ..
Assuming this PHP script is in the same directory as id.txt file , just use
$file = file_put_contents('./id.txt', $str...
Or if the txt file was in a sub-directory
file_put_contents('./sub-dir/id.txt', $str...
Not only is it secure, it's a lot shorter to type too.
My dedicated server has Debian wheezy installed along with Apache2 php and mysql. ISPConfig3 is installed as the control panel.
After creating a site under ISPConfig and a shell user account with it I uploaded the tar file into the web directory and extracted the files.
The default ispconfig index.html file would display how ever after the extraction the index.php is not getting picked up and after deleting the default index.php i get the error message
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
I tried going directly to www.domain.com/index.php and that doesnt work too.
Do I have to modify anything in apache? Any help would be appreciated.
That error is telling you the server can't read the file (or files) specified in your DirectoryIndex directive, and is trying to display a 403 (security) error document instead, which is doesn't have permission to read either.
You need to check what user your httpd daemon is running as, and make sure that user had at least read permissions to all the files in your DocumentRoot. The best way to do this is to ensure that user is the owner of the files.
On a Redhat/CentOS system, httpd runs as the user "apache"
chown -R apache:apache /var/www/html
I have two folders where I can store my website (CentOS VPS):
/var/www/html/index.html
/home/admin/public_html/index.html
I can either store my web application in the first path, but I don't have FTP access to this folder. I can't see it at all when accessing my FTP with the admin account that I received from my service provider.
Or I can use the /home/admin/public_html. For this, I tried to:
change the Root directory in the httpd.conf file;
restart apache;
But this totally does not work!!
It continues to redirect me to the Apache is functioning normally message (from the /var/www/html/ path. why is this happening ?
Even if there is no direct solution, please help me into a direction to get this issue solved so I can continue with my actual work.
At work, I'm using Putty to connect through SSH, at home I use the Mac OSX terminal to access the VPS.
EDIT:
I called my service provider and he mentioned that it's better to leave the default folder (which is var/www/html).
In order to access the file from the client :
I created a link to /var/www from the public_html folder;
Gave permission rights to the www folder recursively;
Connected through SFTP instead of FTP to get access to the folder (normal FTP won't display the folder).
This appears to work rather well.
I suspect Apache doesn't have permission to access /home/admin/public_html. You would need at a minimum to give group read access to /home/admin and /home/admin/public_html to whatever group apache processes run as. Usually it's apache, httpd, or www group--check your /etc/passwd file).
If it's say, the 'apache' group:
chown :apache /home/admin/admin;
chmod g-w /home/admin/admin;
chown -R :apache /home/admin/public_html
If apache must write this directory
chown -R g+w /home/admin/public_html
Then set the group sticky bit (SGID bit) so on any directory from /home/admin/public_html on down (only directories). This will ensure any file created in them will have the same group ownership as the directory. Here's how you do that
find /home/admin/public_html -type d -print | while read i; do SAVEIFS=$IFS; IFS=$(echo -en "\n\b");chmod g+s $i; IFS=$SAVEIFS; done
In case someone else has this issue, have a look at /etc/apache2/sites-enabled
This is where Apache keeps all virtual hosts (This is used to host more than one website on a single ip address.) If you see a 000-default file here, this is usually mapped as the default entry or the site you get when you type in the servers ip address and usually points to /var/www.
PS
Have a look at http://www.virtualmin.com/ It's a opensource cpanel alternative that will provide you with a easy to use web based GUI for common web server related tasks including security, mail, databases and antivirus.
could be selinux related? Look for permission denied in your apache log and have a look in the selinux logs -- /var/log/secure on centos by my memory
I recently moved my website to a new host and now am experiencing some broken code..
I have an uploading script that is now returning this:
move_uploaded_file() failed to open
stream: Permission denied in *..
I've set the upload directory to 777 which worked fine, but my script is needed to have top level permissions..
(As the script itself sets permission to directories, does lots of copying etc)
Is there a way in apache I can set the PHP script to the owner of all the folders on my server?
Thanks
Also
When looking in phpInfo()
Under
apache2handler
User/Group nobody(99)/99
Is this related?
I wouldn't go that route, just give it permissions to the defined upload_tmp_dir, or define upload_tmp_dir to be a directory you have access to. If it is that directory you have problems with. If the target is the problem, and you've 777'ed it, something fishy is going on.
Do you have ssh access to your new host? The reason I ask is that it's probably not best to use the username/group as nobody, as most other services would use this too. I would change it to something like apache
You can then update httpd.conf, adding in these two lines (reloading the config after):
User apache
Group apache
Then, run chown apache:apache -R dir_name to make apache own it.
well,
When you are trying to set the permission like "0777", you must be running on same authority.
What I mean is.
For example, your script tells to change a folder/file permission to 0777, but the folder or file already has a permission and that is '0755' so you are not authorised to make that change. as the user have only 5 authority.
Either, you need to login to FTP and change the folder permission to 0777 and then you have full control over it or you have to stick with using 0755 or similar.