I am creating a wordpress plugin that needs to be able save a file. What is the best way to do this without worrying about file permissions. (i.e Is there a directory that is considered safe to write to?)
If you can upload images to your blog, then wp-content/uploads should be writable.
But file permissions are always something to worry a little about when you're deploying to a new server.
Normally you can create a directory with mkdir(), mermissions to chmod(777) so you can delete this directory from ftp without a root user and this dir will bee fully writable via php. And also chmod you files with 777, otherwise you can't delete without root permissions.
Related
When I upload files through my cpanels file manager all my php file permissions are being changed to 0666 from what I read this is not secure + it is causing my WordPress to not function correctly. Normally web hosts have the permissions set to 0644 when uploading files. It would takes ages for me to change all files manually from 0666 to 0644. How can I change the permissions when I upload in cpanel? Should I try ftp and see if that makes a difference?
EDIT
When I upload the zip file it uploads as 0644 than when I extract the files inside are all turned into 0666.
Thanks
There is no need for you to re-upload all files to simply change permission for them.
Use your FTP client to change file permissions for files, directories and sub-directories.
You can do this via command-line SSH (if you have access).
What permissions do I need to set up on a directory in order to make it writable by php?
By "writable", I mean copying and creation of new files within that directory automatically by php itself.
I'm testing this on a free host, and the default permissions are 755.
When I try executing a php script, that attempts to create another subfolder of that directory, and copy certain files in it, and it fails.
If I set it up to 777, it works fine, but I assume that doesn't work on all Apache versions because of security reasons?
Also, when creating new files, does php act as the "owner"?
Whatever process that runs the PHP interpreter should should have a user account associated with it. Only that user needs write permission in the directory. So to answer your last question, it's usually www-data or apache that is the owner of that file.
Permission of 777 will work because it allows everyone to read, write and execute that directory but depending on your application this might be a security hole.
I have a script that uploads a *.csv to import into a DB table that I have which works great in linux through chmod($target, 0777); but I can't for the life of me find the solution to do exactly this but on a Windows based Apache server.
Some other posts have people responding "don't put in the 0777 and it should work" but that's not the case for me. Thanks!
Thanks to the comment left on my original post I was able to figure it out with a little more help from https://web.archive.org/web/20171121192635/http://www.howyoudo.info/index.php/how-to-fix-windows-server-upload-file-inherit-permissions-error/
The problem only happens when you use PHP to upload a file. When you upload a file, PHP sends the file to a temporary directory on the
hard drive (for me it is C:\Windows\Temp) and then copies it over to
it’s intended directory. Once the file has landed in the temporary
directory, it is assigned the permissions of that directory. The
problem is when Windows copies that file, it keeps the temporary
directory’s permissions and doesn’t inherit your web directory’s
permissions.
The easiest way to fix this problem is to add to the temporary directory your intended web directory’s permissions. There’s no need
to erase the permissions already in the temporary directory, just add
the web directory’s permissions to them. In other words, follow these
steps
To change the permissions of your temporary upload directory, find
the “upload_tmp_dir” in your php.ini file.
Set it to the directory
of your choosing (outside your web folders of course) or leave it at
default (for me it is C:\Windows\Temp).
Browse to this folder and add the permissions of your web folders to it.
While Brian Leishman's answer will work, if you do not have the ability to edit permissions on the temp folder, you can make your uploaded file inherit permissions from its new location manually with the following on the command line:
icacls "target.txt" /q /c /reset
So, using PHP's exec() function:
exec( 'icacls "target.txt" /q /c /reset' );
For details of the various icacls flags, see: https://technet.microsoft.com/en-us/library/cc753525.aspx
Tip: Using the /t flag, you can use pattern matching to process multiple files.
I have created a custom CMS with PHP and it uploads files to a directory with 777 permissions on it. When the files are uploaded they are given 600 with apache being the owner, therefore I can't download them through FTP as the main FTP user.
Anybody have any ideas? I have tried changing the permission but don't have rights due to the owner being apache.
You cant chmod the files, but 'apache' can: after uploading an moving the file,change the permissions in the same script. As it is run by apache, it is allowed to do so.
http://php.net/manual/en/function.chmod.php
For uploading files it is important to note that uploading files without explicitly setting permissions after is a bad practice.
I would take the link Nanne provided and begin to add that to your upload script. This will ensure that the files are given the appropriate permissions for each situation you will need them.
Is there a way to change folder permissions from PHP without using FTP?
I'm creating new folders on server automatically, but i cannot move the uploaded file in it because of the folder permissions. Do you have any idea that I can change the permission of the folder without using FTP?
chmod('/home/path/directory/', 0777)
http://php.net/manual/en/function.chmod.php