[SOLVED] - Upload - Failed to open stream:Permission denied

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

[SOLVED] - Upload - Failed to open stream:Permission denied

Post by anjanesh »

Here is a simple code :

Code: Select all

<FORM ENCTYPE="multipart/form-data" ACTION="upload.php" METHOD=POST>
<TABLE>
<TR>
<TD ALIGN=right>Image: (100KB Limit)</TD>
<TD><INPUT NAME="imgfile" TYPE="file" SIZE=60></TD>
<TD><INPUT TYPE="submit" NAME="subEdit" VALUE="Submit"></TD>
</TR>
</TABLE>
</FORM>

Code: Select all

<?php
 $uploadDir = '';
 $uploadFile = $uploadDir . $_FILES['imgfile']['name'];
 !copy($_FILES['imgfile']['tmp_name'],$uploadFile)
 }
?>
Im getting this error :

Warning: copy(dd.jpg): failed to open stream: Permission denied in /xxxx/upload.php on line xx

print_r($_FILES) gave this
Array ( [imgfile] => Array ( [name] => dd.jpg [type] => image/pjpeg [tmp_name] => /tmp/phpvNVrST [error] => 0 [size] => 19473 ) )
So the error was 0.

I even tried move_uploaded_file() but got the same error.
The server is Apache.
Anyone know whats wrong ? Is it the code or the permission settings ? The code is working on localhost.
Thanks
Last edited by anjanesh on Tue Dec 27, 2005 3:21 am, edited 2 times in total.
User avatar
scorphus
Forum Regular
Posts: 589
Joined: Fri May 09, 2003 11:53 pm
Location: Belo Horizonte, Brazil
Contact:

Post by scorphus »

Please show us the output of this code:

Code: Select all

<pre><?php
ini_set('display_errors','1');
error_reporting(E_ALL);
print_r($_FILES); /* special attention to $_FILES['imgfile']['error'] */
if (!$fp = fopen('test.txt', 'w'))
	echo "Error creating file, it seems you don't have write permission.\n";
else {
	echo "test.txt was created, it seems you have write permission.\n";
	fclose($fp);
}
$uploadDir = '';
$uploadFile = $uploadDir . $_FILES['imgfile']['name'];
if (!copy($_FILES['imgfile']['tmp_name'],$uploadFile))
	echo 'failed to copy ' . $_FILES['imgfile']['tmp_name'] . "\n";
?></pre>
Scorphus
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

I got it to work when I right clicked folder Properties when using ftp and set the Permissions of Owner, Groups & All Users to Read, Write & Execute. And now it worked. But doesn't this mean that anyone can write ? If so its dangerous. So how do I overcome this problem ?
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

scorphus - The result of your code is :
Array
(
[imgfile] => Array
(
[name] => dd.jpg
[type] => text/plain
[tmp_name] => /tmp/phposlbpQ
[error] => 0
[size] => 119
)
)

Warning: fopen(test.txt): failed to open stream: Permission denied in /home/konkanuae/Konkan/test/scorphus.php on line 5
Error creating file, it seems you don't have write permission.

Warning: copy(dd.jpg): failed to open stream: Permission denied in /home/konkanuae/Konkan/test/scorphus.php on line 13
failed to copy /tmp/phposlbpQ

But when I checked the read,write,execute permissions for all users the result was :
Array
(
[imgfile] => Array
(
[name] => dd.jpg
[type] => text/plain
[tmp_name] => /tmp/phpSGiQAe
[error] => 0
[size] => 119
)
)
test.txt was created, it seems you have write permission.

But is setting the permissions to all users the method to solve the problem ? Isn't this potentially dangerous ?
User avatar
scorphus
Forum Regular
Posts: 589
Joined: Fri May 09, 2003 11:53 pm
Location: Belo Horizonte, Brazil
Contact:

Post by scorphus »

Yes, anyone has write permission to the folder. But this doesn't mean they can delete or change the contents of this folder (assuming they have no write permission to these contents). They can only delete/change their own files/subfolders.

What you could do is implement the access permission with group bits. Deny wrx for all users and add the Apache user (comonly www-data or nobody) to the group of the folder, then control the access with the folder's group.

Hope you got it,
Scorphus.
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

How do I create a group here ? ftp explorer is not having any option for that ? Do I have to get to direct ftp (command prompt) ?
Also - how does this make it secure ?
What I'm doing is for a admin part who needs to upload stuff. The username & pwd is offcourse thru mysql db but how do I control file access here ?
Thanks
User avatar
scorphus
Forum Regular
Posts: 589
Joined: Fri May 09, 2003 11:53 pm
Location: Belo Horizonte, Brazil
Contact:

Post by scorphus »

Tell me a bit about the server. Is it a server from a contracted Service Provider Company? Is it yours? Is it a public computer (school)?

You must have administration previleges to manage groups on the server. If it is not the case, you can see with the system's administrator this possibility.

But it is not really a security risk, specially if it is a contracted srvice, they have a good security schemes. Also make sure writeable folders are few and hidden (caution with error messages) from the user.

Regards,
Scorphus from Brazil, a great India partner!
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

The server is from a Web Hosting Co and has (from phpinfo) :

Linux linux5
Apache/1.3.28 (Unix) Resin/2.1.1 mod_ssl/2.8.15 OpenSSL/0.9.7a PHP/4.3.7
User/Group nobody(99)/99
User avatar
Joe
Forum Regular
Posts: 939
Joined: Sun Feb 29, 2004 1:26 pm
Location: UK - Glasgow

Post by Joe »

I have had similar errors to that and the best way to solve it is to set the directory CHMOD to 777. Im not sure about the security issues raised there but it works for sure!
User avatar
scorphus
Forum Regular
Posts: 589
Joined: Fri May 09, 2003 11:53 pm
Location: Belo Horizonte, Brazil
Contact:

Post by scorphus »

anjanesh wrote:The server is from a Web Hosting Co and has (from phpinfo) :

Linux linux5
Apache/1.3.28 (Unix) Resin/2.1.1 mod_ssl/2.8.15 OpenSSL/0.9.7a PHP/4.3.7
User/Group nobody(99)/99
So you'll have to see with this Web Hosting Co how and if they can manage this situation for you. Maybe they have some group permission scheme involving client's group and the nobody group.

But, as I said, there is no really a security risk, the security role is played by the server administrators, and they should have done it well (ask them too). Keep your writeable folders few and secret (caution with error messages).

Regards,
Scorphus.
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

[SOLVED]

Post by anjanesh »

Thank guys for the info.
SOLVED
Post Reply