Ownership

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

ceige
Forum Newbie
Posts: 8
Joined: Sat Jan 03, 2004 8:09 am

Ownership

Post by ceige »

I am building a photo gallery for some relatives of mine and wanted to make dynamic thumbnails for it. I found a few ready made photo gallery scripts out on the web but none of them fit my needs exactly so I decided to write my own.

My photo gallery script takes the photos in a directory and places thumbnail versions of them in a directory ./thumbs. The problem I ran into is that when my script creates the dir thumbs and creates the thumbnails it does it under the apache group and I, in the webmaster group, do not have permission to delete them.
How can I make apache give me ownership rights? When I use chown it says it cannot find my username/group. Why is that? chmod 777 does not let me delete them either.

Since I lack understanding in all matters any help is appreciated.
Thank you.
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

try: chown yourUser:yourGroup -R ./thumbs
then try removing the files. rm -rf ./thumbs
ceige
Forum Newbie
Posts: 8
Joined: Sat Jan 03, 2004 8:09 am

Post by ceige »

I need some way to do it through my script directly or through ftp. I don't have a shell acount on the server to allow me to use those unix commands.
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Don't know if you have access to the [php_man]exec[/php_man] or [php_man]system[/php_man] commands. If you do you can use those.

You may also want to consider using the [php_man]unlink[/php_man] function. Or You could try doing the following:
Open the file via a php script in 'w' mode (to truncate the data)
Write the contents of the truncated file.
** This will leave the filename laying around, but it will have a zero length (since you opened in 'w' mode (meaning you truncated the file)) See [php_man]fopen[/php_man] for more information on the modes you can open the file in.
ceige
Forum Newbie
Posts: 8
Joined: Sat Jan 03, 2004 8:09 am

Post by ceige »

Thanks for the help, I'm in the middle of writing a script that will allow me to manage and delete the files I have on the system.

...but I don't want to repeat this, when I create an image or a directory what mod should I pass to chmod to give me access to the files?
0777?
Will that give everyone in the world access to it?
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Yes, 0777 will give "everyone" the ability to view,edit, execute, and delete the files stored. However, if these are simply images (not executable code) it would be a good idea to set 0555 on the file(s) which would continue to allow anyone to view, edit, and delete the file, but it would remove the possiblity of "executing" the contents of the file.

breakdown of the modes:

First bit:
4 - Sets the "set user id" mode
2 - Sets the "set group id" mode
1 - Sets the "save text image" (or sticky) bit

Next three bits:
4 - Sets the r attribute
2 - Sets the w attribute
1 - Sets the execute attribute


All four fields can add up to 7 (any combo of 4,2, or 1).
eg: 0441 = -r--r----x
0521 = -rw--w---x
1577 = -rw-rwxrwt
and so on.
Nay
Forum Regular
Posts: 951
Joined: Fri Jun 20, 2003 11:03 am
Location: Brisbane, Australia

Post by Nay »

evilMind, mind me asking.......

how do you 'execute' an image? 8O

urm.......calling it by the url but yeah, what happens when you 'execute' an image? It dies? o.O

-Nay
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

There's a lot of spaces where you can "fill in" an image w/o distorting it's contents too much. Same thing with mp3's.

Overall, I'm just being cautious.
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Haven't you seen the *.jpg image that opens 100's of windows in about 2½ seconds?
IE of course, but the scary thing is that you can't bypass it as the bad code is run though the IE's image parser showing the image...
ceige
Forum Newbie
Posts: 8
Joined: Sat Jan 03, 2004 8:09 am

Post by ceige »

I wrote a small script that should delete the files I want deleted but it doesn't do a doggon thing.

Code: Select all

<?php
$path = "./*";
$cmd = "rm -rfv $path";
$string=system($cmd);
echo "$string";
?>
I place this file, delete.php, in a folder whose contents I want deleted. I then access it in a browser and it should delete all the files and print any returns from the computer on the screen.

I've also tried:

Code: Select all

<?php
$path = "./*";
$cmd = "rm -rfv $path";
passthru($cmd);
?>
...but it doesn't print anything and it doesn't delete anything...
Any help?
redmonkey
Forum Regular
Posts: 836
Joined: Thu Dec 18, 2003 3:58 pm

Post by redmonkey »

Perhaps you need to use umask() ? Have you double checked the permissions after creating the directory? Try running this little script.....

Code: Select all

<?php

$oldmask = umask(0);
echo mkdir('foo', 0777) ? "foo created\n<br>\n" : "Failed to create foo\n<br>\n";
umask($oldmask);

$fp = fopen('foo/bar.txt', 'w');
fwrite($fp, 'Some Text');
fclose($fp);
chmod('foo/bar.txt', 0666);
?>
That should create a sub directory called 'foo' then place a small file in it called bar.txt

Then run this little script....

Code: Select all

echo unlink('foo/bar.txt') ? "bar.txt deleted\n<br>\n" : "Failed to delete bar.txt\n<br>\n";
echo rmdir('foo') ? "foo deleted\n<br>\n" : "Failed to delete foo\n<br>\n";
That should remove both the file and directory.
mwong
Forum Commoner
Posts: 34
Joined: Sun Dec 28, 2003 2:58 am

Post by mwong »

JAM wrote:Haven't you seen the *.jpg image that opens 100's of windows in about 2½ seconds?
IE of course, but the scary thing is that you can't bypass it as the bad code is run though the IE's image parser showing the image...
I haven't! What's that?
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Sorry, can't remember where I found it (I been wanting to send that to some 'friends' more than a couple of times now).

It was just a plain image (it really was an image) that someone had manipulated in the sence that they added bits of code inside of it. When the image was viewed on the net as any ordinary image, Internet Explorer would duplicate itself.
Extremely fast, and with a not so funny outcome as it used IE's internal imagehandling code.

"Internet Explorer of course..." you might say, but who knows... Mozilla the next time perhaps.

I think MS fixed that bug though, so even if the image is found you likely wouldn't notice it.
ceige
Forum Newbie
Posts: 8
Joined: Sat Jan 03, 2004 8:09 am

Post by ceige »

Ok, I finally got it to spit out some error messages for me to work off of.

Using this php line:

Code: Select all

echo unlink('path/file.jpg') ? "Deleted file." : "Failed to delete file.";
it returns:

Code: Select all

Warning:  unlink(): SAFE MODE Restriction in effect.  The script whose uid is 22152 is not allowed to access /home/virtual/site93/fst/home/chris/public_html/hardeman/family/thumbs owned by uid 48 in /home/virtual/site93/fst/home/chris/public_html/hardeman/delete.php on line 2
 Failed to delete file.
Why does this happen?
How can I work around it?
redmonkey
Forum Regular
Posts: 836
Joined: Thu Dec 18, 2003 3:58 pm

Post by redmonkey »

Well, it means what it says on the tin!

Safe Mode is on and running UID checking. As for work arounds, has your PHP been compilied with FTP functions enabled?
Post Reply