Giving/Denying access to a file

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

m3rajk wrote:the only way to stop people from surfing to it is making it an include out side fo the web tree.
I have notice badly setups at hosts, that only gives a user access to /www/ and not lower. So imho using encryption-alg's om some sort on /www/thefiles/???? or a blob-field in the db seems to be a good way to go.
hedge wrote:Can't see how you could set permissions any differently, most installs I've seen php inherits the same user and permissions as the webserver so therefore if php can see it so can the webserver.
and
McGruff wrote:Certainly, on the site I worked on, a file/folder created by php had a php/php owner/group and, if you have a similar setup you could use permissions to restrict access to files or folders.
Good example is this boards phpBB, that I think does the same. Might scan that code for some ideas? =)
In other ways, if youre httpd is running as root, it should be very possible, but then again, I dont think that it's the way to set it up...
Post Reply