I have a file in my project folder.How i can i give file write permission using php.I used this code
chmod($file,0777);
But it giving an error
Warning: chmod() [function.chmod]: Operation not permitted
The file is created by another user.Is their any way to do this .Thanks in advance
This happens because PHP does not have rights to do the change. The user under which PHP runs is usually the web server's user and different from the user you use to add files.
You generally only do chmod on files created with PHP. To be able to do this on other files you need to change the owner (chown).
The current user is the user under
which PHP runs. It is probably not the
same user you use for normal shell or
FTP access. The mode can be changed
only by user who owns the file on most
systems.
From http://php.net/manual/en/function.chmod.php
Well - you just can't if it says you are not permitted to.
Point is - the file belongs to some user and group, most likely root:root - and you are just a user on the server. If root's the owner of that file, you can't change the permissions at all.
Notes:
$file must be a filename. If you put the handle there, the file (most likely) doesn't exists, but still.
Check if the filename is not beginning with / or something. Try different variations.
you can install php via SUEXEC or SUPHP instead of mod_php which allows to change the user as which php is executed, still this dosnt solve anything if the owner is set wrong
Related
I have setup a demo "admin" website with all file permissions set to 555 for directories and 444 for files so that any "save" functionality is disabled. So far so good.
However, I noticed that the PHP touch() function is unaffected by file permissions? I am successfully running PHP touch() on directories that have no-WRITE permissions (555). Seems a bit odd. Is this intended behavior (PHP 7.2)?
I am trying to prevent touch() from being able to execute (via file permissions), but can't currently see how this is possible.
Thanks.
From the utimes(3) documentation:
The effective user ID of the process shall match the owner of the file, or has write access to the file or appropriate privileges to use this call in this manner.
So the owner can update the timestamps even without write access. You need to change the ownership of the files so they're not the same as the user running the PHP script.
If this is a problem, maybe you should use some other method to keep track of changes that the file modification times.
I am using Jasperreports for generating the reports. When I am generating the new reports it will be own by root with permission of 644. So other users dont have permission to view this report.I want to change the ownership of the file or change the permission.So everyone can view or download the reports.
I tried below php functions
chmod($item, 0777);
chown($path, 'www-data');
It gives
error: dont have permission to do this
. Because its own by root and current user is www-data.
Anyone please help me,
Actually, based on what you're saying, all users have permissions to view that file. 644 means owner can read and write, and group and others can only read. If your script is getting an error reading that file, it might be because of the permissions of the directories in is path, but not the file itself.
If you could change the owner or permissions of a file owned by root like that, it would subvert the whole concept of unix file permissions. Think about it.
You can always change the user running these reports though, or add logic on the report generation side to move or change the permissions on the file as the user who owns it.
As an aside, chmod 777 is an ugly kludge used only by those who have little knowledge of unix permissions . Professionals don't do it. You should bump your understanding of unix file permissions to the next level:
https://www.tutorialspoint.com/unix/unix-file-permission.htm looks promising.
According to the manual, the owner and the supersuer have the right to do this.
And you only chage the file mod or owner, will not do. You have also to change the path.
chown
Attempts to change the owner of the file filename to user user. Only
the superuser may change the owner of a file.
Note: This function will not work on remote files as the file to be examined must be accessible via the server's filesystem.
Note: When safe mode is enabled, PHP checks whether the files or directories being operated upon have the same UID (owner) as the
script that is being executed.
chmod
Attempts to change the mode of the specified file to that given in
mode. Note: The current user is the user under which PHP runs. It is
probably not the same user you use for normal shell or FTP access. The
mode can be changed only by user who owns the file on most systems.
Note: This function will not work on remote files as the file to be
examined must be accessible via the server's filesystem.
Note: When safe mode is enabled, PHP checks whether the files or
directories you are about to operate on have the same UID (owner) as
the script that is being executed. In addition, you cannot set the
SUID, SGID and sticky bits.
I have an image upload script. I ran into some trouble with permission errors so for the last little while the upload directory has had permissions 0777. Dangerous, I know.
For some reason, it was the only permission that would allow the files to upload. I have now realised that the reason a safer permission didn't work was because of the owner of the directory.
I've been creating my upload directories using FTP. I thought this would be okay. But from what I understand FTP and HTTP aren't in the same group?
I've started creating the directories using PHPs mkdir() allows me to set a safer permission that works with my script.
But before I possibly get into another bad habit. Can someone please confirm that this is the correct way to do it? Is there a better way?
The owner of the directory should be the user which runs your PHP script - on Ubuntu this would be www-data. Shortly, creating folders with PHP mkdir() is okay. Then you should set permissions. 0700 is the most secure but if other user needs to read from or write to this directory, you should add this user to the main group of user which runs your PHP script and set permissions to 0750 or 0770 respectively. On Ubuntu this group is also www-data.
Is it possible to arrange file permissions/group ownership/etc in such a way that a file can be read by the function readFile() for a forced download, but it cannot be downloaded by navigating to the literal url of the file?
Maybe you could add the user that is running apache / php to the group that owns the file. And set config to read and write for owner and owner group, and no permission at all for others. (-rwxrw---- 0r 0760)
Never tested it, but it should work.
The Apache user will need read permissions. To prevent it from being navigated to, the best (and easiest) solution is to store the file outside of the web folder.
I want to write text file using PHP.
I can write it using fopen and fwrite function on Windows platform. But, that program is not able to write it on Linux Platform.
Is there any solution?
fopen and fwrite work exactly the same on Linux, but you may have a permission issue there. To solve this, you need to check:
the user under which PHP runs (in a vanilla Apache/PHP install, this is usually www-data)
the permissions and ownership of the directory you are trying to write to
What you need is write permission on the directory for the PHP/Apache user. The easiest (and dirtiest) way of achieving this is is to just make the directory world-writable (chmod o+w the_dir), but this is highly insecure, allowing anyone with any kind of access to the system to store stuff there. A better solution is to either make the PHP user the owner of the directory and specify permission 700 (or 755 if you want it to be world-readable), or create a new group, put the PHP user and yourself in that group, set the group on the directory, and set permission 770 (775 for world-readability) on the directory.
It should work, please check the users permission to the directory and/or file.
You always can try this program writing to /tmp/my.log, it should work)
Of course, you can use the same fopen and fwrite functions on Linux.
The only special thing is that the folder where it's written (or at least the file itself) must be given write permissions.
An easy way to test it would be to set the file permission (or its folder) to 777.
fopen and fwrite works on both SO.
Probabily you have permission denied. Try to give write perms on your file on linux.
You can use php chmod func