I have a PHP web application running on IIS, which allows a user to upload a file from a simple html form. The uploaded file is then moved to a folder on another server. This is working correctly on Apache, but fails on IIS with the error:
function['move_uploaded_file']failed to open stream: Permission denied
in...
I've checked all the permissions on the directories. If I run a simple PHP script through the command line to copy a file from the server into the folder on the other server it works correctly, so I suspect the problem is with IIS.
if (move_uploaded_file($_FILES ["file"] ["tmp_name"], "\\\\000.00.0.00\\tia\\web\\upload\\" .$_FILES["file"]["name"])) {
This has been covered already here. Quoting the reason here:
You have mapped target directory to a share such as \server2\files. These mappings are only available to the current users (eg, the admin account), not to the IUSR account that your php is probably running as (assuming IIS). Solution, don't use mappings, instead use the full 'unc' path name, ie '\server\share\folder\file.ext', also remember that the IUSR account will need access to these shares/folders/files
From what I can see in your comment, you are using a \\ prefixed network share as the target for your move_uploaded_file() operation.
I'll bet a beer that PHP isn't allowed to access that share. Remember, PHP runs with IIS's permissions!
Try saving to a local, globally writable path first. If that works, you know you have to fix the share's permissions.
Related
I'm copying a file from $source to $destination.
If I execute copy($source, $destination) from PowerShell, it works.
If I call this copy($source, $destination) from Apache, it complains copy(...): failed to open stream: Permission Denied.
I am able to open up explorer and copy and paste file manually. I am using PHP 7.1, Apache 2.4 on Windows Server 2012R2.
Why is this happening? Could someone provide an insight?
If run under Windows Apache already has all the permissions it needs, as it runs under the LocalSystem account, which has extensive read/write access to local paths. This is inherited by PHP and the scripts it runs.
If there is a problem then –
The additional file permissions that have been set up afterwards are at fault (check Windows Event viewer).
The configuration has been incorrectly edited, such as the: WP upload path settings, php.ini temp folder location + upload settings, etc.
The Apache Service ‘Log On’ account has been changed from “LocalSystem” to something else (check Service’s Properties).
Possibly PHP’s open_basedir setting has been enabled in VirtualHost or .htaccess and is restricting the paths PHP can access.
Or there are internal PHP errors (check the website’s HTTP and PHP error logs).
EDIT
Since it is sugggested i add this solution possibility if you are stuck at point 3:
Create a user with extensive file permissions and change Apaches service to run under that user. I strongly suggest not to use the system admin user (or any admin user) profile for this.
I have Ubuntu Server with lamp.
When i uploading files like xls or images it works fine, but when I trying to open it says me that the Excel file was broken. Same thing happens with images
Is it possible that php changes the file?
Permissions for /var/www/publick_html/uploads is 777
well, I know,I use windows and maybe this is extremely OFF TOPIC, but I have a simililar problem with uploaded files and my experience can be usefull for other people.
In my case, the uploaded file can not be open because it was written first in
C:\Windows\Temp
and then moved to the upload directory, but my temp folder doesn t have permission to access to it. Infact, if I click on temp folder I see:
After I clicked "Continue", the problem has been solved!
The problem was in versions of apache and php.
Version of apache was 2.2 and php was 5.4
I upgraded my apache to 2.4 version and now it works fine.
This should solve your problem with being unable to open uploaded files with PHP on SQL SERVER. It solved mine.
You may come across the following problem using PHP on Microsoft IIS: getting permission denied errors from the move_uploaded_file function even when all the folder permissions seem correct. I had to set the following to get it to work:
Write permissions on the the folder through the IIS management console.
Write permissions to IUSR_'server' in the folder's security settings.
Write permissions to "Domain Users" in the folder's security settings.
The third setting was required because my application itself lives in a secure folder - using authentication (either Basic or Windows Integrated) to identify the users. When the uploads happen IIS seems to be checking that these users have write access to the folder, not just whether the web server (IUSR_'server') has access.
Also, remember to set "Execute Permissions" to "None" in the IIS management console, so that people can't upload a script file and then run it. (Other checks of the uploaded file are recommended as well but 'Execute None' is a good start.)
reference https://www.php.net/manual/en/features.file-upload.php
We have an PHP XML parsing script that uploads photos to a folder structure like /content/images/2012/05/31/%object_id%/. This parser runs primarily as a DirectAdmin cronjob. We run into many problems getting the folder permissions right to enable the uploading in that directory for both the cronjob as running the parser via the browser.
According to print_r(posix_getpwuid(fileowner($directory))); the owner of the directory is is the same as get_current_user(). Nevertheless I receive: Warning: mkdir() [function.mkdir]: Permission denied when running the script via the browser. It works fine when running it as a cron job.
All folders have chmod 0777 and new folders are created as such;
mkdir($path,0777,true);
Naturally we have the same permission problems with uploading and/or deleting the files themselves.
Is there any way to enable all the file actions running both as a cron job and through the browser?
We are running Linux with PHP Version 5.2.17.
Couple of thinks to note: get_current_user gets the owner of the .php file (i.e. the script) but NOT the name of the user that is running the php script. Invariably these are different as the file will be uploaded by you (a regular user) and php/apache will run as a different user (often called "apache" or "www".) You need the latter of these two. suggested snippet from the php manual to get this is:
$processUser = posix_getpwuid(posix_geteuid());
print $processUser['name'];
(http://php.net/manual/en/function.get-current-user.php - see comments)
To solve you current problem, though, my strong suggestion is to run the cron as the same user that the php/apache is running as (check man page on crontab) - the user should be the one in that snippet above, CHOWN the files and directories to that same user (they will currently be root) and to a group that is shared between you and the FTP client. Then make sure the user and group have read+write permissions so you can also edit from ftp. Make sure you change permissions on both directores (775) and files (644) as your script creates them.
Also note that if you mkdir(), then the directory above must also have write permissions for the user (and this might actually be your initial problem, and why only root/cron can write there).
i have developed an application on Macintosh using MAMP
when i upload it to the server which is powered by Cpanel11, CentOS 5.. it gives several error regarding file permissions by default it gives 0700 file permission to most of the files which does not work within my server. i would want to know how do i apply the file permission settings for my PHP application,
the directory structure or the rule i want to apply is for the following conditions.
a)File uploading Directory
b) most of the php file is using include_once()
c) the normal php files which communicates with each other.
thank you
File uploads in PHP first hit the defined temporary directory (see 'upload_tmp_dir' directive in your PHP.ini) and finally your intended destination directory (PHP command "move_uploaded_file").
Your PHP process runs as a certain user that needs to own the destination directory or is in a group that is allowed to write to this directory - unless the whole directory is not writable for everyone (it's not in your case).
Try chmod after move_uploaded_file.
im running on windows xp and i am an administrator, im using the latest xampp bundle available from their site and i receive these kinds of errors when i use file manipulation functions on php...
Warning: chmod() [function.chmod]: Permission denied in...
Warning: opendir(/feeds) [function.opendir]: failed to open dir: Permission denied in
do i need to set any environment variables for apache before i can use these functions?
but i think the problem lies only on my folder access permissions, but if so, how do i set a folder's accessibility properties on windows?
Does your php worker process have the necessary permissions?
Make sure whatever user the process is running as has proper permissions for the directory it is puking on.
right click on the folder, permissions...
it appears that my script referred to an inexistent directory as i just specified $dir='/feeds';it works fine on my machine in our office but i wonder why with the same configurations here on my pc at home it doesnt
as reference for other people who might have the same problem in the future my answer would be
check and make sure you are pointing your script to the right file :)
You can try setting the umask as well before the chmod like so;
$old_mask = umask(0);
chmod('/path/to/file', 0755);
umask($old_mask);
More information on umask can be found at PHP's Manual