In my project, I have to upload some video files to a folder which lies outside the root folder. I am using simple php function move_uploaded_file to upload the file. I have tried with the code below.
$source = $_FILES['Filedata']['tmp_name'];
$targetFile = '/usr/local/WowzaMediaServer-3.1.1/content/video.mp4'
move_uploaded_file($source,$targetFile);
But it is not working. Can we done it through move_uploaded_file. if not, suggest a better option to do this.
I have seen some similar question but nothing helps. So any help would be appreciated..
Are you sure you're not in a chroot jail?
If so, your "absolute" path name could be pointing to the wrong place-- somewhere that doesn't exist.
If so, change the path to point to somewhere within the jail.
It may be necessary to mount --bind the directory you want this to go in into some location within the jail. (Note that a symbolic link will not work for getting out of jail.)
More than likely this is a simple permissions issue and quite easy to solve.
Find the user that apache uses. To do this open up your httpd.conf file and look for something like:
User apache
Group apache
Change the ownership of the folder that you're trying to upload to.
chown -R apache.apache /usr/local/WowzaMediaServer-3.1.1/content/
Change the permissions of the folder
chmod -R 775 /usr/local/WowzaMediaServer-3.1.1/content/
And that should be that.
I'm going to assume you're using Apache for the purposes of this answer.
First off, is the file being uploaded ok? One possible reason you might have trouble is that the tmp directory isn't writable by the webserver, or readable come to that. Assuming that's ok then move_uploaded_file should work fine.
Create a folder next to your DOCUMENT_ROOT, let's call it "filestore". Make sure it's writable by www-data or whichever user runs apache. Now, you should be able to move the files into that folder. Note they will be owned by www-data:www-data typically - or whatever user and group your server is set up to run as. The reason I put the "filestore" folder next to the DOCUMENT_ROOT folder is that you can be sure the webserver can read the file path up to DOCUMENT_ROOT. Otherwise you run the risk of a folder part way up the path not being readable, and that'll stop you dead. e.g. if you have /usr/local/media as your target folder and /usr/local isn't readable (and executable) by the webserver, you're toast.
If all this works and you absolutely must have you media elsewhere, you can have the "filestore" folder anywhere so long as the whole path to it is read/executable by the webserver. Check each directory in the path.
If these uploaded files are being downloaded by other users via the web then the "filestore" folder only needs to have permissions of 700 since it's always going to be the web server's user which reads them. If other users need access, typically because other software running as a different user needs to use them then you might need permissions to be 750 to allow group members to read (and execute) the directory. You'll also need to add that other user to the www-data group.
For downloads you will need to write a simple script which dumps the file to the browser after doing some authentication checks. That way, you avoid having the media accessible just via http without having any authentication done first - which could make your service into an attractive place for illegal files (copyright violations being the least concern here).
This is a dangerous approach as it gives root privileges to the apache user, so use with caution.
Add the apache user to the list of sudoers - which will let you execute commands as root in php via system('sudo the_command'). Then move the uploaded file to a temporary location that the apache user can write do (eg. create a 'tmp' directory in the doc root). Then use system("sudo mv \"$source\" \"$destination\""); to move the temporary file to it's final location.
You can find the apache user by executing <?php echo exec('whoami'); ?>. Then add the following entry to sudoers the-apache-user ALL=(ALL) NOPASSWD: ALL. Use visudo to add the sudoer entry.
Example:
$source = $_FILES['Filedata']['tmp_name'];
$targetFile = '/usr/local/WowzaMediaServer-3.1.1/content/video.mp4'
$tempLocation = 'tmp/temp-file.mp4';
move_uploaded_file($source, $tempLocation);
system('sudo mv "' . $tempLocation . '" "' . $targetFile . '"');
Edit: Related question - How to run PHP exec() as root?
Always you face a problem with your code, look at the server log or easier turn on errors display. That said, your problem could be related to upload_tmp_dir setting. Check what a phpinfo() tells about that or look at your php.inifile.
A better solution would be to write the file somewhere where you can write (i.e. under the webroot) and then create a symlink from the media directory to be to where you wrote it.
For example:
Web Root is /var/www/html
You want it at /usr/local/WowzaMediaServer-3.1.1/content/
Create directory /var/www/html/mediaserver/content/
Make permissions on /var/www/html/mediaserver/content/ 777 (so apache can write to it)
Copy files from /usr/local/WowzaMediaServer-3.1.1/content/ to /var/www/html/mediaserver/content/
Delete /usr/local/WowzaMediaServer-3.1.1/content/ (just the "content" directory)
Create symlink from /usr/local/WowzaMediaServer-3.1.1/content/ to /var/www/html/mediaserver/content/
Then you have permissions to read/write, and the media server should too. Only issue would be if the media server is trained not to read symlinks - but you can find that out quickly enough.
Related
I'm facing a problem with deleting video files from folder using php unlink() function , image are deleting but when trying deleting videos it says
unlink(file_path) : permission denied.
You (running your script as either through CLI or a webserver) need write access to the directory in which the files are located. so access to the file is not enough.
Your image directory would be different and writable for webserver or cli.
chmod("your/video/dir/path",0777);
try using above code before unlink the video in your script.
Edit: Looks like you are using Windows. Unfortunately, my answer is for Unix-like operating systems (so Linux, MacOS). You could try installing Bash extension for Win8+, but still I'm not sure if this would work. However, I'm keeping my answer in case of anyone with similar problem is looking here for an answer.
Changing permissions through PHP might work in some cases, but not always, because if you don't have permissions to delete the file you might also not have permissions to change them.
The best solution is to create a directory where you will keep files to which PHP will have full access. Let's call it dirname. Once you have created a directory, change its owner and group to the one corresponding to your web server user's name (if you're using Apache, it's "www-data"), for example: chown www-data:www-data dirname.
Once you've done that, change folder's permissions. My suggestion is 744, it will assure that user who owns it will have all permissions, and everyone else will be able only to read it. To do that, execute the following command: chmod -R 777 dirname.
Now you should be able to do anything you want with the files in given directory directly from PHP.
I have a script that uploads a *.csv to import into a DB table that I have which works great in linux through chmod($target, 0777); but I can't for the life of me find the solution to do exactly this but on a Windows based Apache server.
Some other posts have people responding "don't put in the 0777 and it should work" but that's not the case for me. Thanks!
Thanks to the comment left on my original post I was able to figure it out with a little more help from https://web.archive.org/web/20171121192635/http://www.howyoudo.info/index.php/how-to-fix-windows-server-upload-file-inherit-permissions-error/
The problem only happens when you use PHP to upload a file. When you upload a file, PHP sends the file to a temporary directory on the
hard drive (for me it is C:\Windows\Temp) and then copies it over to
it’s intended directory. Once the file has landed in the temporary
directory, it is assigned the permissions of that directory. The
problem is when Windows copies that file, it keeps the temporary
directory’s permissions and doesn’t inherit your web directory’s
permissions.
The easiest way to fix this problem is to add to the temporary directory your intended web directory’s permissions. There’s no need
to erase the permissions already in the temporary directory, just add
the web directory’s permissions to them. In other words, follow these
steps
To change the permissions of your temporary upload directory, find
the “upload_tmp_dir” in your php.ini file.
Set it to the directory
of your choosing (outside your web folders of course) or leave it at
default (for me it is C:\Windows\Temp).
Browse to this folder and add the permissions of your web folders to it.
While Brian Leishman's answer will work, if you do not have the ability to edit permissions on the temp folder, you can make your uploaded file inherit permissions from its new location manually with the following on the command line:
icacls "target.txt" /q /c /reset
So, using PHP's exec() function:
exec( 'icacls "target.txt" /q /c /reset' );
For details of the various icacls flags, see: https://technet.microsoft.com/en-us/library/cc753525.aspx
Tip: Using the /t flag, you can use pattern matching to process multiple files.
I'm trying to give access to a php uploader to write uploaded files to folders outside of apache's scope.
Folder c in this case represents the root of Windows Server 2012
The apache folder:
/cygdrive/c/apache24 (c:\apache24)
The php folder:
/cygdrive/c/php
The uploader folder:
/cygdrive/c/apache24/htdocs/uploader
Uploader directive:
define('RELATIVE_UPLOAD_DIR', '/cygdrive/c/Users/myusername');
define('UPLOAD_DIR', rtrim(dirname($_SERVER['SCRIPT_FILENAME']), '/') . '/' . RELATIVE_UPLOAD_DIR);
The uploader will upload files to the uploader's folder, but i am trying to upload files to Windows Users folder.
/cygdrive/c/Users/myusername
How can i enable the Users folder and subtree in php.ini so the uploader can write files to it?
In a *Nix environment you would have to make the target directory writable by the apache process owner. If you don't know what that is, take a look in the httpd.conf file. Look for two lines like:
User _www
Group _www
That user must have write access to any target directory. I guess it's just the same in Windows.
I must admit to not liking the idea of writing to user directories though. Might be better to have a rethink on what you are trying to do and find a way to keep userland safe and secure, whilst giving them access to the data.
I have just created a new folder on my server, and all the right permissions are set, I am sure of it.
The folder is there, but my PHP cant find the actual folder anyways?
Any ideas why?
The only thing I can think of is that my folder has special characters in its name.
I create it with this command:
sudo mkdir "Textiler & Sybehör"
I have lots of other directories with these kind of characters and they work fine.
Just this one seems to not work...
I am stuck!
PHP says cannot find directory...
UPDATE:
In command line tool, I tried moving the dir like this:
mv "Textiler & Sybehör" images/"Textiler & Sybehör"
I get this error:
cannot stat `Textiler & Sybeh\366r': No such file or directory
It is like if the letter "ö" isn't interpreted correctly.
When you make a directory with sudo that means it is created as the super or root user. If your web server is using suexec and running PHP as a normal user, PHP will not be able to access folders and/or files owned by other users.
Check to see if suexec is being used by or on your hosting provider or server.
The other thing is to determine if your folder really needs to be owned by the root user. If not, use the following command to change the owner: sudo chown <regular_user>:<regular_user> where <regular_user> is the account that PHP is running as.
Although it might be because of the characters in the name. What about folder structure? Do you have an .htaccess file with a rewrite base set? Code snippet would be great.
Also may as well check ownership permissions (chown) and then chmod the folder so it's writable.
I have a problem creating an index with Zend_Search_Lucene.
Now, everything works fine on my local machine so I guess there is just an issue with file permissions on the webserver.
Here is how I'm trying to create index in controller:
$index = Zend_Search_Lucene::create('/data/users_index');
Of course the data directory has permissions set to 0777. Here is the directory listing:
public_html
public 0755
css 0755
js 0755
data 0777
Yet I'm getting this error:
Can't create directory '/data/users_index'.
Edit/Update: After further reading and seeing your structure, I'd give it a shot and try using an ABSOLUTE path rather than a relative to ensure its writing to the write location. Sorry I missed that portion earlier. It's obviously not the best practice, but it would atleast narrow down whether or not its a permission/finding issue.
So change it to something like
$index = Zend_Search_Lucene::create('/path/to/public_html/public/data/users_index');
Although, you really should put that outside of the public HTML folder. There's no reason that the public should have access to your Lucene Index Files.
For example, mine are stored here:
'../application/models/lucene/articles/index'
If you are on a Linux/Unix machine, you are going to have to CHMOD the folder or CHOWN/CHGRP so that the web server has write access. If you have access to the server, you could simply run:
chmod -R 770 /path/to/your/data/users_index
If you are not the admin of the server however, you should probably ask the server admin to make sure this is the proper permissions to be applied to this folder, every admin has his/her own quirks about how they want folder permissions setup; what group they should be in; who gets to change it; etc.
If you are on a Windows machine, you are going to have to right click on the folder and grant permissions to the IUSR_XXXXX account and give them read/write access to that folder. (Replace XXX with whatever your machines name is)
$index = Zend_Search_Lucene::create('public/data/users_index');
??