Page 1 of 1
Writing and reading files with permissions
Posted: Tue May 18, 2010 10:48 pm
by Rabloo
Hey guys,
Is it possible to write a .txt file that has no public access (people can't view it), and then in another script read it (server-side reading/writing only)
?
Do I need to set file permissions when I create the file or something?
Thanks
Re: Writing and reading files with permissions
Posted: Tue May 18, 2010 11:24 pm
by zeus1
Yea, just make sure the folder you are writing to allows the webserver (www-data/apache) to write to it (make sure the webserver is the owner) and make sure that the folder does not allow global access. So something like this in the OS terminal: chmod g-rwx restricted_data_folder_for_world_name . If you also don't want people apart of your webserver group to be able to access file type: chmod go-rwx restricted_data_folder_for_world_name. If the files for some reason will have to be apart of the same folder you can use chmod function in php, keep in mind you have to use octals and not the friendly ascii codes. Refer to:
http://us2.php.net/manual/en/function.chmod.php
Best Regards,
ZEUS
Re: Writing and reading files with permissions
Posted: Tue May 18, 2010 11:30 pm
by zeus1
BTW, if you go the PHP route you will change the permission for each file instead of the folder.
Best Regards,
ZEUS
Re: Writing and reading files with permissions
Posted: Tue May 18, 2010 11:44 pm
by Rabloo
Ok thanks I'll take a look into it.
oh and, just one more question..
Can users modify php session variables client-side? I'm pretty sure they are stored in the browser so couldn't the user potentially access/modify these variables?
Re: Writing and reading files with permissions
Posted: Wed May 19, 2010 4:19 am
by Benjamin
Session data is stored on the server. The session id is sent to the browser. Clients can modify the session id, but not the contents of the session variables themselves. This is different from cookies of course, which are stored on the client machine.