Jump to content
Spinland

Php Script Can't Write File To Server?

Recommended Posts

I've set up a web form with an accompanying PHP script to allow a user to upload a file to the server, but when I try to execute it I get:

 

---------------------------

Unable To Open File

 

We're sorry but we were unable to open results.txt. Please contact your server administrator to be sure that you have the proper permissions.

---------------------------

 

Is there something I need to do so the script can write? I would think if I uploaded it it would belong to me and the 750 permissions would give it write access.

 

Thanks in advance!

Share this post


Link to post
Share on other sites

Okay, after experimenting it seems I can get the script to have write access by changing the permissions on public_html to 770. Is this a security problem?

Share this post


Link to post
Share on other sites

Another problem: I can't change the permissions on or delete the uploaded file and folder the script created. I guess there's some kind of ownership problem with uploaded PHP scripts?

Share this post


Link to post
Share on other sites

Keeping a running monologue. Oh well. I've opened a help desk ticket to get the offending folder/file deleted, but I'm still in the dark why this problem exists. If the permissions on a folder are 7XX and I upload a PHP script via FTP, not only should the script come under my ownership, it should operate as me so the 7 in the 7XX should hold sway and anything it creates should also belong to me. Is this not the case?

Share this post


Link to post
Share on other sites

Hi there, Spinland.

The problem is that PHP runs as the user "nobody" and doesn't have permissions to write files to your (cpanel user) server space. By setting permissions to 770 you allow it to write to a folder, but then "nobody" owns the files written instead of you. So you can't do anything with them - only "nobody" can. Catch 22.

 

The Help Desk will get the files removed for you, but they can't solve the real problem.

 

There is a way around the problem, and somewhere on this board is a thread about how to do it. Perhaps one of the Mods can point you to it.

Share this post


Link to post
Share on other sites

Thanks, Jim. I did try several forum searches but didn't turn up that thread. I guess I'll hang tight in the hopes someone can point me to it.

Share this post


Link to post
Share on other sites

It seems like the only solution is to have a sub-folder for the script to write into that has permissions set at 777. It bugs me to have anything globally writable like that but I can't think of a better solution, apart from maybe stuffing the file into MySQL as a blob instead of writing it to a folder.

 

I did some more forum searching but didn't turn up anything useful.

Share this post


Link to post
Share on other sites

Sorry to say it but that's the only way it can be done. Global permissions need to be given for you to act on the file unless you write other scripts to do things with the files being uploaded.

Share this post


Link to post
Share on other sites

Okay, Bruce, thanks. At least I know to stop looking for another method! B)

Share this post


Link to post
Share on other sites

The solution I came up with for this problem was that I would use the PHP native FTP methods to log into my account via FTP and CHMOD the folder I wish to upload files to (changing permissions to 777), then upload the file using PHP (move_uploaded_file), then when the upload was complete, use the PHP FTP methods to CHMOD the folder back down to 755, or something more secure. This way I don't have to leave my folders globally writeable except when I was explicitly uploding. I know it is a bit of extra work, but it means I don't need to worry about leaving my directories exposed. This could also be used to set files as writeable and then you can set them back after you are finished.

 

I also experienced the pain of the "nobody" ownership on files. But ended up writing my own PHP script which would delete directories using (unlink) in case this ever happened. I can PM you this code if you would like, it came in handy for me when I was building my own site.

Share this post


Link to post
Share on other sites

Sure, that would be great; thanks!

Share this post


Link to post
Share on other sites

I've sent you a PM, don't hesitate to respond if you have any problems.

Share this post


Link to post
Share on other sites

Got it. Very interesting, thanks!

Share this post


Link to post
Share on other sites

The solution I came up with for this problem was that I would use the PHP native FTP methods to log into my account via FTP and CHMOD the folder I wish to upload files to (changing permissions to 777), then upload the file using PHP (move_uploaded_file), then when the upload was complete, use the PHP FTP methods to CHMOD the folder back down to 755, or something more secure. This way I don't have to leave my folders globally writeable except when I was explicitly uploding. I know it is a bit of extra work, but it means I don't need to worry about leaving my directories exposed. This could also be used to set files as writeable and then you can set them back after you are finished.

 

I also experienced the pain of the "nobody" ownership on files. But ended up writing my own PHP script which would delete directories using (unlink) in case this ever happened. I can PM you this code if you would like, it came in handy for me when I was building my own site.

Hi OJB,

I have the same problem with Spinland. Can you send me a copy of your script to help me resolve my problem!

Thanks!

Thang Nguyen

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...