I have googled but I can't seem to get my script to work.
this is my code
if (is_dir("tmp")) {
if (substr(sprintf("%o", fileperms("tmp")), -4) == "0777") {
echo "good";
} else {
echo "going to chmod the tmp folder to 777";
if (!chmod("tmp", octdec(0777))) { // tried chmod("tmp, 0777) too
echo "Oops, I couldn't chmod the /setup/tmp directory, please do this manually";
}
}
} else {
echo "we'll make the folder";
}
I can't seem to get the chmod to work, i read somewhere that if register globals was off then this wouldn't work(i have that setting set to off).
I followed the PHP.net manual and some of the examples they provided there in the user comments, as well as some stack-overflow posts that i found relevant. but perhaps i need to tweak some php settings to get this to work?
Is there a way to get the chmod function to work without needing to change the PHP.ini?
You haven't given us enough information to determine why chmod() is failing. It could be that the web-server doesn't have sufficient privileges to alter directory permissions.
The owner of the web-server process should own the directory or be a member of the owning group. For example, if root owns tmp, and your web-server is running as the user 'apache', it will not be possible to modify the directory's permissions from PHP.
I believe the settings you mention in php.ini are for debugging, not magically 'fixing' chmod. Try prepending the following lines of code to your PHP script and you should get more useful debug output:
ini_set('display_errors', 'On');
error_reporting(E_ALL)
Represent like this:-
chmod("tmp", 0777);
The user that is running the php daemon or web server daemon must have write access to the directory you are trying to chmod. In my case, www-data is the user that is running php and any commands that php is trying to run, it will be run as the www-data user.
If you create a directory using the php mkdir function, you will notice that the owner of the directory is who ever is running the php or webserver daemon. And any directory that was created by php, php will be able to chmod, chown, do anything to it because it is the owner.
You can either
chown the directory so that the owner is the php user
set writing privileges for the group and set the group to the same group as the php user
do something like giving sudo privileges to the php user which is not recommended btw.
Related
I am using mkdir() to create new files in my code, but for some reason it is setting something called "daemon" as the admin. I cannot delete these files, edit, access, or even move these files. How can I change this from happening when creating files in my code?
<?php
$dir = 'myDir3';
// owner will be the user/group the PHP script is run under
if ( !file_exists($dir) ) {
mkdir ($dir, 0777);
}
file_put_contents ($dir.'/test.txt', 'Hello File');
$file = 'template.php';
if(file_exists($file)){
echo readfile($file);
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
ini_set("display_errors", 1);
copy($file, $dir.'/fake.php');
} else {
echo 'file does not exist';
}
?>
Eureka Edit(1):
Ok, thanks again #blueweimer , for clarifying that you are using XAMPP on MacOS (and not XAMPP-vm); because thanks to that clarification I was able to find the right answer to your question, which can be found here.
To elaborate on the answer found in the link:
By default, when creating any sort of folder or file in XAMPP in MacOS it uses the user and group found in the httpd.conf file (the d stands for "daemon", which is the name given to running processes in Unix systems (like Linux and Mac, Mac being a slant more differentiated from Unix but still carrying over some of the same terms)). So by changing the user and group found in this file you can change the user that keeps the server running. It's the user that Apache uses to access everything and anything inside XAMPP.
It's important to note that you are changing your access user when changing the file in httpd.conf; but that does not automagically change the owner of the files and folders that have already been created. According to the link above, these files are found in /Applications/XAMPP/xamppfiles/, you'd have to change the owner of the files and the folder itself to the new user you've changed it to in httpd.conf.
Do not change this user to your own, as any failure in security that can occur on XAMPP will allow anyone with access to your XAMPP server to access your user remotely.
Before Edit:
Firstly, if possible, please post a code snippet so that we may know how this is being accessed.
Secondly, I'd like to apologize for placing all of this in an answer(low reputation so I can't comment just yet), but judging by the mkdir manual page for php, it seems that it creates the directory with the user who's running it as the owner. Given that it's setting the owner to "daemon" and you are unable to access it, I believe it safe to assume that you are not establishing default permissions (0777) and are running the file as a daemon.
You could choose to change the permissions the folders are created with:
<?php
mkdir("/path/to/my/dir", 0777);
?>
Alternatively you could use the chown command to change the ownership from "daemon" to another user within the same php file you create the folders with:
<?php
mkdir("/path/to/my/dir", 0700);
chown("/path/to/my/dir", "username");
?>
This answer was given according to the information provided: you did not specify which webserver you're using (you've simply specified html), and you've not specified an OS, so my understanding ist that it is a Linux distribution (otherwise folder access would not be a problem with PHP but rather with the webserver's permissions).
I'm trying to use PHP to create a file, but it isn't working. I am assuming this is because it doesn't have write access (it's always been the problem before). I tried to test if this was the problem by making the folder chmod 0777, but that just ended up making every script in that directory return a 500 error message until I changed it back.
How do I give PHP write access to my file system so it can a create a file?
Edit: It is hosted on Hostgator shared hosting using Apache.
Edit 2: Someone asked for the code:
The code is a GD image script. I know the rest of it works as previously I was creating the image every ime it was called. Now I am trying to create them when new text is added and save them to a folder. The write line I have is:
imagejpeg(null,$file,85);
I also created a test file to check if it was just a broken script (mainly copied from tizag):
http://gearboxshow.info/rkr/lesig.jpg/testfile.txt (I don't know if/how to post the code here properly. Here is the contents of the PHP script, minus PHP tags.)
It returns 13,13,1 (separate lines), so it looks as if it thinks it wrote something, but the testfile.txt is blank (I uploaded a blank one), or non-existent (if I delete it).
Edit 3: The server runs CentOS.
An easy way is to let PHP create the directory itself in the first place.
<?php
$dir = 'myDir';
// create new directory with 744 permissions if it does not exist yet
// owner will be the user/group the PHP script is run under
if ( !file_exists($dir) ) {
mkdir ($dir, 0744);
}
file_put_contents ($dir.'/test.txt', 'Hello File');
This saves you the hassle with permissions.
Simple 3-Step Solution
Abstract: You need to set the owner of the directory to the user that PHP uses (web server user).
Step 1: Determine PHP User
Create a PHP file containing the following:
<?php echo `whoami`; ?>
Upload it to your web server. The output should be similar to the following:
www-data
Therefore, the PHP user is www-data.
Step 2: Determine Owner of Directory
Next, check the details of the web directory via the command line:
ls -dl /var/www/example.com/public_html/example-folder
The result should be similar to the following:
drwxrwxr-x 2 exampleuser1 exampleuser2 4096 Mar 29 16:34 example-folder
Therefore, the owner of the directory is exampleuser1.
Step 3: Change Directory Owner to PHP User
Afterwards, change the owner of the web directory to the PHP user:
sudo chown -R www-data /var/www/example.com/public_html/example-folder
Verify that the owner of the web directory has been changed:
ls -dl /var/www/example.com/public_html/example-folder
The result should be similar to the following:
drwxrwxr-x 2 www-data exampleuser2 4096 Mar 29 16:34 example-folder
Therefore, the owner of example-folder has successfully been changed to the PHP user: www-data.
Done! PHP should now be able to write to the directory.
Set the owner of the directory to the user running apache. Often nobody on linux
chown nobody:nobody <dirname>
This way your folder will not be world writable, but still writable for apache :)
1st Figure out which user is owning httpd process using the following command
ps aux | grep httpd
you will get a several line response like this:
phpuser 17121 0.0 0.2 414060 7928 ? SN 03:49 0:00 /usr/sbin/httpd
Here 1st column shows the user name. So now you know the user who is trying to write files, which is in this case phpuser
You can now go ahead and set the permission for directory where your php script is trying to write something:
sudo chown phpuser:phpuser PhpCanWriteHere
sudo chmod 755 PhpCanWriteHere
You can change the permissions of a folder with PHP's chmod(). More information on how to use the command is here: http://php.net/manual/en/function.chmod.php
If you get a 500 Error when setting the permissions to 777 (world writable), then it means your server is setup to prevent executing such files. This is done for security reasons. In that case, you will want to use 755 as the highest permissions on a file.
If there is an error_log file that is generated in the folder where you are executing the PHP document, you will want to view the last few entries. This will give you an idea where the script is failing.
For help with PHP file manipulation, I use http://www.tizag.com/phpT/filewrite.php as a resource.
I found out that with HostGator you have to set files to CMOD 644 and Folders to 755. Since I did this based on their tech support it works with HostGator
I had the same problem:
As I was reluctant to give 0777 to my php directory, I create a tmp directory with rights 0777, where I create the files I need to write to.
My php directory continue to be protected. If somebody hackes the tmp directory, the site continue to work as usual.
You can set selinux to permissive in order to analyze.
# setenforce 0
Selinux will log but permit acesses. So you can check the /var/log/audit/audit.log for details. Maybe you will need change selinux context. Fot this, you will use chcon command. If you need, show us your audit.log to more detailed answer.
Don't forget to enable selinux after you solved the problem. It better keep selinux enforced.
# setenforce 1
Best way in giving write access to a directory..
$dst = "path/to/directory";
mkdir($dst);
chown($dst, "ownername");
chgrp($dst, "groupname");
exec ("find ".$dst." -type d -exec chmod 0777 {} +");
chmod does not allow you to set ownership of a file. To set the ownership of the file you must use the chown command.
I'm running Ubuntu, and as said above nobody:nobody does not work on Ubuntu. You get the error:
chown: invalid group: 'nobody:nobody'
Instead you should use the 'nogroup', like:
chown nobody:nogroup <dirname>
Tiny little hint!
echo whoami;
make sure you use BACK QUOTES
NOT
single quotes ' '
!
(of course now the back quotes don't show up in this editor! oh well, I tried!)
I'm trying to create XML sitemaps for my website from my PHP application. The idea is to either create a new file or overwrite an existing file. When I call fopen, I get the following error:
[function.fopen]: failed to open stream: Permission denied
I'm trying to write to the webroot and its permissions are: 755. This means that the owner has write permission, right? What do I need to do to make my script be able to write to this folder? 777 would be a bad thing, right? Can I run my script as owner somehow?
Thanks.
Yep, as you've said, using 777 could be huge mistake. The webserver doesn't run with the same user as you use to create files and folders.
You have some options:
Run the sitemap creation as a cronjob, using an user with rights to write there, other than the apache user.
Put the sitemap in another directory, and the set up a 302 Redirect or a symlink. In this case, if you have a security issue that let's someone to write your sitemap.xml, at least they'll not be able to create another file with a more dangerous extensions (like PHP, which may result in a site intrusion).
Make a rewrite rule to redirect any hit to sitemap.xml, to a php script that outputs the appropriate XML.
Good luck!
I'm a beginner and I had this problem as well. I am using Ubuntu linux w/ php and apache
Write a php script w/ the following: <?php exec('whoami'); ?> and run it on your server. This tells you who the current user of the script is
SSH to your server.
Make a group that has read and write access to the files you need.
Make group have read, write, and execute on folders you need.
Make the current user you found in the first step, part of the group that has access to the files you need.
Restart Apache: sudo apachectl restart
main commands you need are:
groupadd: Create a new group
usermod: add your user to a new group
chgrp: changes files / folders to group you specify
chmod: changes permissions on the files / folders you specify.
All the commands you need are here: http://www.yolinux.com/TUTORIALS/LinuxTutorialManagingGroups.html
If you have ACL enabled on the webroot partition just grant the web server username full rights
setfacl -m u:apache:rwx /var/www/html
Replace apache with the web server username and /var/www/html with your webroot location.
had the same problem
Looks like apache is running as nobody in the nobody group
so if you do a
useradd -G nobody youruser
chown -R youruser:nobody .
Then change the permission to 0775
chmod -R 0775 .
or you may add nobody to your usergroup
useradd -G nobody yourgroup
this be a better solution
Does it work with group write enabled (i.e. 775)?
Check your group permissions for the directory the file is in. As long as your PHP user (usually www-data) is part of that group, and it's the only user, you should be fine with 775 (or even 774).
Like Pascal said!
just find your apache user
<?php exec'whoami'; ?>
and then
useradd -G username username2
chown -R username:username2 .
chmod -R 0775 .
And its done!
Thank you Pascal!
777 is pretty normal, because PHP does not run as you, it runs as a PHP user, Apache, etc. The fact is, your webhost should have a higher set of permissions that prevents other users from writing/deleting your files.
I'm trying to use PHP to create a file, but it isn't working. I am assuming this is because it doesn't have write access (it's always been the problem before). I tried to test if this was the problem by making the folder chmod 0777, but that just ended up making every script in that directory return a 500 error message until I changed it back.
How do I give PHP write access to my file system so it can a create a file?
Edit: It is hosted on Hostgator shared hosting using Apache.
Edit 2: Someone asked for the code:
The code is a GD image script. I know the rest of it works as previously I was creating the image every ime it was called. Now I am trying to create them when new text is added and save them to a folder. The write line I have is:
imagejpeg(null,$file,85);
I also created a test file to check if it was just a broken script (mainly copied from tizag):
http://gearboxshow.info/rkr/lesig.jpg/testfile.txt (I don't know if/how to post the code here properly. Here is the contents of the PHP script, minus PHP tags.)
It returns 13,13,1 (separate lines), so it looks as if it thinks it wrote something, but the testfile.txt is blank (I uploaded a blank one), or non-existent (if I delete it).
Edit 3: The server runs CentOS.
An easy way is to let PHP create the directory itself in the first place.
<?php
$dir = 'myDir';
// create new directory with 744 permissions if it does not exist yet
// owner will be the user/group the PHP script is run under
if ( !file_exists($dir) ) {
mkdir ($dir, 0744);
}
file_put_contents ($dir.'/test.txt', 'Hello File');
This saves you the hassle with permissions.
Simple 3-Step Solution
Abstract: You need to set the owner of the directory to the user that PHP uses (web server user).
Step 1: Determine PHP User
Create a PHP file containing the following:
<?php echo `whoami`; ?>
Upload it to your web server. The output should be similar to the following:
www-data
Therefore, the PHP user is www-data.
Step 2: Determine Owner of Directory
Next, check the details of the web directory via the command line:
ls -dl /var/www/example.com/public_html/example-folder
The result should be similar to the following:
drwxrwxr-x 2 exampleuser1 exampleuser2 4096 Mar 29 16:34 example-folder
Therefore, the owner of the directory is exampleuser1.
Step 3: Change Directory Owner to PHP User
Afterwards, change the owner of the web directory to the PHP user:
sudo chown -R www-data /var/www/example.com/public_html/example-folder
Verify that the owner of the web directory has been changed:
ls -dl /var/www/example.com/public_html/example-folder
The result should be similar to the following:
drwxrwxr-x 2 www-data exampleuser2 4096 Mar 29 16:34 example-folder
Therefore, the owner of example-folder has successfully been changed to the PHP user: www-data.
Done! PHP should now be able to write to the directory.
Set the owner of the directory to the user running apache. Often nobody on linux
chown nobody:nobody <dirname>
This way your folder will not be world writable, but still writable for apache :)
1st Figure out which user is owning httpd process using the following command
ps aux | grep httpd
you will get a several line response like this:
phpuser 17121 0.0 0.2 414060 7928 ? SN 03:49 0:00 /usr/sbin/httpd
Here 1st column shows the user name. So now you know the user who is trying to write files, which is in this case phpuser
You can now go ahead and set the permission for directory where your php script is trying to write something:
sudo chown phpuser:phpuser PhpCanWriteHere
sudo chmod 755 PhpCanWriteHere
You can change the permissions of a folder with PHP's chmod(). More information on how to use the command is here: http://php.net/manual/en/function.chmod.php
If you get a 500 Error when setting the permissions to 777 (world writable), then it means your server is setup to prevent executing such files. This is done for security reasons. In that case, you will want to use 755 as the highest permissions on a file.
If there is an error_log file that is generated in the folder where you are executing the PHP document, you will want to view the last few entries. This will give you an idea where the script is failing.
For help with PHP file manipulation, I use http://www.tizag.com/phpT/filewrite.php as a resource.
I found out that with HostGator you have to set files to CMOD 644 and Folders to 755. Since I did this based on their tech support it works with HostGator
I had the same problem:
As I was reluctant to give 0777 to my php directory, I create a tmp directory with rights 0777, where I create the files I need to write to.
My php directory continue to be protected. If somebody hackes the tmp directory, the site continue to work as usual.
You can set selinux to permissive in order to analyze.
# setenforce 0
Selinux will log but permit acesses. So you can check the /var/log/audit/audit.log for details. Maybe you will need change selinux context. Fot this, you will use chcon command. If you need, show us your audit.log to more detailed answer.
Don't forget to enable selinux after you solved the problem. It better keep selinux enforced.
# setenforce 1
Best way in giving write access to a directory..
$dst = "path/to/directory";
mkdir($dst);
chown($dst, "ownername");
chgrp($dst, "groupname");
exec ("find ".$dst." -type d -exec chmod 0777 {} +");
chmod does not allow you to set ownership of a file. To set the ownership of the file you must use the chown command.
I'm running Ubuntu, and as said above nobody:nobody does not work on Ubuntu. You get the error:
chown: invalid group: 'nobody:nobody'
Instead you should use the 'nogroup', like:
chown nobody:nogroup <dirname>
Tiny little hint!
echo whoami;
make sure you use BACK QUOTES
NOT
single quotes ' '
!
(of course now the back quotes don't show up in this editor! oh well, I tried!)
I am creating an image dynamically using php. The image is being created if I go in and make the file first. However, if I don't create the file manually then I get the following error.
Warning: imagegif() [function.imagegif]: Unable to open 'filename2.png' for writing in /www/vhosts/yourraceresults.com/htdocs/trial/TextToImage.inc.php on line 144
Example:
public function SaveTextAsPng($fontSize, $x, $y, $textContent, $fileName='image'){
imagestring($this->image, $fontSize, $x, $y, $textContent, $this->text_color);
return imagepng($this->image, "/www/vhosts/yourraceresults.com/htdocs/admin/trial/images/".$fileName.".png");
}
$textToImage->SaveTextAsPng(10, 11,11, 'fakeinfo','filename2');
Either the output folder do not exist (in which case you have to create it), or you do not have write permissions to the output folder. To fix this:
If you're using a shell:
chmod 777 /www/vhosts/yourraceresults.com/htdocs/trial
If you're using an FTP client:
Right click on the "trial" folder, search for something called "chmod", "rights", "permissions" (perhaps in "properties"), then give it every permission or, alternatively, enter chmod value 777.
It seems your web user (apache, www, ...) has not got write permissions in the folder you are trying to write to. Or, if the file already exists, it has not got write permissions for that file.
Edit: Changing the permissions
Supposing you are on a linux like system with an apache web-server, first you need to find out as which user your web-server is running. You need to get a command shell on the server (ssh) and then you can probably see the web-server user typing the following command:
$ ps aux | grep httpd
In the list you will see all running apache processes with the username in the first column.
Let´s say that the web-user is apache, you now need to give apache write permissions in that directory. You can do that by changing the group to apache and giving write permissions to that group or by changing the ownership of the directory to apache. Let´s say you want to change the group:
$ chgrp apache /www/vhosts/yourraceresults.com/htdocs/trial
Give the owner and the group users (apache) write permissions:
$ chmod 775 /www/vhosts/yourraceresults.com/htdocs/trial
Disclamer: this is a fast solution, but I don´t know much about the safety, comments are welcome!
Do you have properly setted rights for output dir? I'm think your web server (and php with it) can't write to destination folder.
It seems your script needs write permissions on that directory. An easy way to change these permissions is to login via FTP and change the permissions from your FTP client. Most (at least, of the few I've tried) FTP clients offer an option when you right-click a folder called "Permissions" or "File Attributes" (FileZilla) or something like that. It should show a dialog with different permissions checkboxes; make sure to give at least the Owner permission to write. If you are on a *nix host, you should be able to go to the directory and issue the command chmod 755 . to change the permissions.
EDIT: chmod 777 . will give you the most permissions, if 755 does not work.