I've been trying a bunch of stuff with creating zips and files and whatnot with php, and it's safe to say I messed up quite a few times...
My most recent:
$tmpp = tempnam('../test','mod');
echo "<br/>"."<br/>".basename($tmpp).'<br/>'."<br/>".$tmpp.'<br/>'."<br/>";
echo mkdir(basename('../test/'.$tmpp));
I meant to do
$tmpp = tempnam('../test','mod');
echo "<br/>"."<br/>".basename($tmpp).'<br/>'."<br/>".$tmpp.'<br/>'."<br/>";
echo mkdir('../test/'.basename($tmpp));
Oh well though, mistake is made. Where is this just created directory? How can I see all the other files and directories and things as well as the tmp folder?
edit: long story short: I've created a bunch of files and directories that I can't account for and I want to be able to find them on clean then off my server. How can I view ALL the files on my server, including in the tmp folder?
What's the return value of mkdir? "false" ?
If so, I think maybe you need check your write permisson of the account which execute this php script.
Related
I'm trying to switch index files using PHP and have gone for a method where I rename respective index files, like this:
<?php
rename("/index.html", "/REALindex.html");
rename("/index2.html","index.html");
?>
The PHP script is located in a folder child of the index files, but when I run this php nothing happens to the files, so I am both wondering how I'm supposed to debug and also why it's not working..?
Thanks a lot.
If your PHP script has permissions to edit the local directories you're running in (based upon the comment you made), your HTML files are one level up from the php, so try:
rename("../index.html", "../REALindex.html");
rename("../index2.html","../index.html");
Note the forward slash at the beginning of the paths. Could it be that this is accidentally and you're unwillingly trying to move files from/to the filesystem root, where they just aren't?
SOULTION:
chmod -R 777 /var/www/html
+
rename("../index.html", "../REALindex.html");
rename("../index2.html","../index.html");
Whenever I use move_uploaded_file to my an uploaded file, the file always ends up in my web root. What am I doing wrong? Should the path be relative to my web root, or should it be an absolute path on my file system?
Ultimately what I'm trying to do, it have a folder for php to upload/dowload files. I don't want web bots and anyone else just to be able to access the files, i want only authenticated people using my website to be able to download the files. So this is how I have my file structure laid out:
/var/www/website/public_html
and
/var/www/website/files
and my move_uploaded_file command is like this:
move_uploaded_file($_FILES['txtFileSelector']['tmp_name'], "/var/www/website/files/".$_FILES['txtFileSelector']['name']);
but no matter what i've tried, the file always ends up in
/var/www/website/public_html
I've even tried sending the file in other sub folders of public_html but still no luck.
ah-ha! Destination path is relative!
So the solution for me is:
echo move_uploaded_file($_FILES['txtFileSelector']['tmp_name'], "../files/".$_FILES['txtFileSelector']['name']
Because of the relative pathing, use .../ to go up from the web root, and then move it to the desired storage folder.
CORRECTION
Absolute path or relative path either will work. It was a combination of folder permissions (www-data needs to either be owner or group member with read/write permissions) and me being an idiot and discovering a programming bug. My code was in a php class and the uploading was function. In my constructor I had a bug in my code. When doing OO there's a big difference between
$upload_dir = "/path/to/upload";
and
$this->upload_dir = "/path/to/upload";
I'm creating a .php file that will be uploaded to the root directory of a server. I need that .php file to then figure out the path to the public_html folder or it's equivalent.
I need to do this because I want my .php file to be able to be uploaded to the root and used on any hosting account. Because many hosting companies use different file paths to the public_html folder or even call it something different, I'm trying to figure out how to detect it.
Preferable there is a server variable or easy test to do this. If not, the public_html folder will always contain a particular file so maybe I could search for this particular file and get the path that way. I'm just worried about a filename search being heavy on memory.
The .php file that is being executed is located inside the ROOT directory and needs to locate the public_html folder.
Like this: /home/user/file.php
needs to detect
/home/user/public_html/ or /home/user/var/www/ or /home/user/website.com/html/ etc.
The challenge with this is that a server can have very many public_html's so outside of the context of a request there is no real way to find out what that is.
One thing that you might be able to do to get this information from a php script (if you know the url to get to the host) is to create a php file called docroot.php that looks like this.
<?php
if ($_SERVER["REMOTE_ADDR"] == '127.0.0.1'){
echo $_SERVER["DOCUMENT_ROOT"];
}
Then within your file.php your would do something like
$docRoot = trim(file_get_contents("http://www.mydomain.com/docroot.php"));
This makes the assumption that the server can resolve to itself via the local interface by name.
I found this website which provided me with the only good solution I have found after scouring the web...
$root = preg_replace("!${_SERVER['SCRIPT_NAME']}$!", "", $_SERVER['SCRIPT_FILENAME']);
The way this works is by getting the full path of the file and then removing the relative path of the file from the full path.
FINAL EDIT: FIXED but not solved. Not sure what was going on, but I created a new php file from scratch and that one worked. Very strange.
Edit: I have permissions set to 777 on all related folders
Edit 2: Added quotes to strings
Edit 3: Removed / before letter
Edit 4:
<?php mkdir("letter/testfolder",0777); ?>
worked perfectly and created the folder testfolder within letter.
I'm not really sure what I'm doing wrong here. I have many php files that work on their own, but when I try to execute this particular one, the only one that uses mkdir, it does not work and it loads the index.php files instead. I assume it is due to bad coding?
The code is
<?php
$letters = array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z');
foreach($letters as $letter) {
mkdir("letter/$letter",0755);
echo $letter;
echo " created";
}
?>
The idea is to create 26 folders, one for each letter of the alphabet, inside the folder letter.
I feel like the answer is very obvious, but it is often my own obvious errors that I find the hardest to see.
mkdir("/letter/$letter",0755);
Tries to create folder in the /letter/ folder located at the root of the file system. Do you have it there? If you are trying to work with subfolders of the current working directory then use
mkdir("letter/$letter",0755);
and be sure that folder letter already exists.
ps: The php file is at the root of the disk and so is the folder letter - very weird configuration. Are sure you talking about the root of the disk and not about the root of the website? Enable output of all errors in php.
If you want to create folder at the root of the site use
mkdir($_SERVER['DOCUMENT_ROOT'] . "/letter/$letter",0755);
But this is true only if you are able to run the script. You phrase about it loads the index.php means that you have something else in the httpd.conf (lets say that your server is Apache) of your server or in .htaccess redirecting all request to the index.php file. If you are using any CMS on the website it could be possible.
You need to put a . before the path.
<?php
error_reporting(E_ALL); //<<Always a good idea
foreach(range('a','z') as $letter){
mkdir("./letter/$letter",0755);
echo $letter.' created';
}
?>
There are a few things you should do:
Enable error reporting
Test the result of your mkdir calls.
Once you do these two things, I'm guessing you'll see exactly why things aren't working for you:
// Useful in debug / development environments (disable in production)
error_reporting(E_ALL);
foreach ($letters as $letter)
{
if(mkdir("/letter/$letter",0755))
echo "$letter created\n";
else
echo "Failed to create $letter!\n";
}
i was stuck with this for a long time, perhaps this was your issue. if you are on SELinux there is an extra layer of permissions called "Security Context" which you can see with ls -alZ. use something like chcon system_u:object_r:httpd_sys_content_t:s0 public_HTML
it would make sense that the same file in different directories would work or fail, depending on this extra layer. hth
I'm writing a PHP function that will delete all the files in the directory that's passed to it (and eventually, possibly expand it to a recursive delete). To be safe, I want to make sure that, through a bug or something, I don't try to delete anything if the directory passed in is the root directory.
File permissions should protect me to a large extent, but just in case, and especially if I expand it to a recursive delete I just want to take that extra step.
As a complicating factor, this code may be run in a windows machine or a linux machine, so the root directory may look like 'C:\' or '/'. I assume there are other ways that really refer to the root as well, possibly 'c:\temp..'
So, is there a reliable way in PHP to recognize that a dir spec resolves to the root of the file system?
Elaboration...
I'm writing PHPUnit tests for a web app and I'm trying to create a framework where the state of the app is backed up before the tests are run and restored afterwards. The app allows users to upload files. Depending on what the file is it is copied to one of several possible directories.
To save and restore the state of the app those directories need to be copied somewhere, the tests run, then the directories need to have their files deleted and retreived from the backup.
The location of these directories can vary from one machine to another and I know that some people put them outside of the web app. There is a configuration file that can be read by the test that gives the location of those directories for the given machine.
If I don't restrict all these directories to a specific dir tree it's difficult to do the jailing. If I do restrict these directories to a specific dir tree then some people will have to reconfigure their machines.
You should have a defined root folder, which you never go above, a.k.a. jailing. The root folder is not the only folder where severe damage can be done.
Edit.
Although I still advocate using some sort of jailing, I suppose you could recognize the root folder by stripping out any drive-letters and translating \ to /. The root folder would then always be a single /.
function isRootFolder($dirpath) {
list($drive, $path) = explode(':', str_replace('\\', '/', $dirpath), 2);
return $path == '/';
}
Try, this function:
function is_root_dir($path)
{
$clean_path = realpath($path);
if($clean_path == '/' || preg_match('/[a-z]:\\/i', $clean_path))
{
return true;
}
else
{
return false;
}
}
It's not tested, I just wrote it in the editor here. realpath() resolves the path, folowing simbolic links and resolving stuff like: c:\temp.. == c:\
Edit: In the end you should folow the advice that nikc gave you, define a list of directories that are safe to delete.
I use this:
if (dirname($target)==$target) { // you're at the root dir
(is portable between Microsoft and everything else)
C.