Not able to delete files from my own server!
Moderator: General Moderators
- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
Hi Launchcode
I've tried uploading again. I set the 'upload' directory to CHMOD 1777 (the highest it can be as far as I'm aware), and also to 'sticky'. The upload process creates a directory in upload, and then proceeds to upload files to that directory.
I just ammended my PHP upload script with
However, even in the same script, it gives the error
I've tried uploading again. I set the 'upload' directory to CHMOD 1777 (the highest it can be as far as I'm aware), and also to 'sticky'. The upload process creates a directory in upload, and then proceeds to upload files to that directory.
I just ammended my PHP upload script with
Code: Select all
chown( 'upload_path_file', 'rootusername' );Code: Select all
Warning: chown failed: Operation not permitted in /XXX/public_html/admin on line 2397- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
That isn't totally unexpected - it's just saying it cannot assign the files to your user account (which is unfortunately correct, it doesn't have that kind of permission).
I'm more interested in if you can delete the files from the same script as you upload them with?
"upload process creates a directory in upload" - which will also need 777 for this test.
I'm more interested in if you can delete the files from the same script as you upload them with?
"upload process creates a directory in upload" - which will also need 777 for this test.
I do all the coding on a not for profit site where this is indeed the case. And you're right about the risks: I once wrote a file browsing script with an "up a level" button. You can jump right out of root to view a list of thousands of other sites on the same server...launchcode wrote:Very rarely have I seen a PHP "own" anything, unless that server has specifically created a php user and set scripts to run as it - if they haven't, they will be run as the default Apache user account which has the same lack of privs as "nobody". If you just think about the security implications of allowing one single "php" user to read/write anywhere on a shared server - well, you could cause havoc.
- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
Hi
I still seem to be having problems. It appears now that I am able to delete files from the server via PHP, however the script works by first copying the files (photos) from the user's computer to the server, before resizing them physically using GD, resaving them, then moving them to another directory. This directory is created via the script, inside a directory that I initially created using FTP. However, when I try to use the usual mkdir() I am getting another permissions error!
Is this because I am trying to create a directory inside one created under my username and group, and PHP is trying to create a directory under the ownership 'apache' and group 'apache'? A ream of other errors are being produced as a result of this.
I hope that makes sense
Many thanks
Mark
I still seem to be having problems. It appears now that I am able to delete files from the server via PHP, however the script works by first copying the files (photos) from the user's computer to the server, before resizing them physically using GD, resaving them, then moving them to another directory. This directory is created via the script, inside a directory that I initially created using FTP. However, when I try to use the usual mkdir() I am getting another permissions error!
Is this because I am trying to create a directory inside one created under my username and group, and PHP is trying to create a directory under the ownership 'apache' and group 'apache'? A ream of other errors are being produced as a result of this.
I hope that makes sense
Many thanks
Mark
- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
Exactly. Your ftp program is operating under a different UID to php - that's normal.mjseaden wrote:Hi
...the script works by first copying the files (photos) from the user's computer to the server, before resizing them physically using GD, resaving them, then moving them to another directory. This directory is created via the script, inside a directory that I initially created using FTP. However, when I try to use the usual mkdir() I am getting another permissions error!
Is this because I am trying to create a directory inside one created under my username and group, and PHP is trying to create a directory under the ownership 'apache' and group 'apache'?
Mark
Can you create the second directory (where you move the images to) with php rather than ftp? You might need to CHMOD 777 (with your ftp program) to allow php to mkdir inside a dir owned by another UID but, once it's there, you can CHMOD back to 755. A php-owned file or dir can live happily inside a dir with another owner/group.
Hi McGruff,
I could do this, but I wouldn't really be able to manually change permissions each time a file is uploaded. I am not the only one uploading files, rather remote users with a username and password given by myself will also be able to, therefore it needs to be fully automated otherwise it creates unnecessary work.
Funnily enough, I didn't have any problems like this when I was using a Windows server with the same code a couple of weeks back.
I could do this, but I wouldn't really be able to manually change permissions each time a file is uploaded. I am not the only one uploading files, rather remote users with a username and password given by myself will also be able to, therefore it needs to be fully automated otherwise it creates unnecessary work.
Funnily enough, I didn't have any problems like this when I was using a Windows server with the same code a couple of weeks back.
- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact: