Uploaded file permissions

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
evilmonkey
Forum Regular
Posts: 823
Joined: Sun Oct 06, 2002 1:24 pm
Location: Toronto, Canada

Uploaded file permissions

Post by evilmonkey »

Hello.

Wow, been a while since I asked a PHP question. :lol: Alright, I have a slight annoyance. I worte a script to upload files (images to be exact), but the problem is, I cannot go into the FTP and delete them, permission denied. Nor can I delete them throught Cpanel's file manager, also permission denied. The only way to get rid of that file is to write another php script that would delete it, that works. While I plan to write such script, a plan B is never a bad idea, so how can I fix the problem? Below is my code (I'm uploading 6 pictures at a time and the field nmaes are pic1, pic2, pic3, pic4, and pic5, hence the 'for' loop and $_FILES['pic'.$i]. I love variable variables and variable keys :D).

Code: Select all

if ($_POST['process'] == "upload_pics"){
	$pic1 = $_POST['pic1'];
	$pic2 = $_POST['pic2'];
	$pic3 = $_POST['pic3'];
	$pic4 = $_POST['pic4'];
	$pic5 = $_POST['pic5'];
	$album = $_POST['album'];
	$pull_album_info = mysql_query("SELECT `name` FROM `pic_albums` WHERE id = $album", $db);
	$album_info = mysql_fetch_assoc($pull_album_info);
	$album_name = $album_info['name'];
	$date = date("Y-m-d");
	for ($i=0; $i<=5; $i++){
		if ($_FILES['pic'.$i]['name']!=""){ //if there was input 
			$info = @getimagesize($_FILES['pic'.$i]['tmp_name']);
			if ($info[2]==2) {
				if (move_uploaded_file($_FILES['pic'.$i]['tmp_name'], "../pics/".$album_name."/".$_FILES['pic'.$i]['name'])){
					mysql_query("INSERT INTO `pictures` (`url`, `album`, `date`) VALUES ('../pics/".$album_name."/".$_FILES['pic'.$i]['name']."', ".$album.",".$date.")", $db) or die (mysql_error());
				}
				else { die("Cannot upload file"); }
				
			}
			else{
				die ("ALL PICS MUST BE .JPG or .JPEG! Please go back and fix it");
			}
		}
	}
	echo "Pictures uploaded! You are bieng redirected to the admin homepage";
	echo '<meta http-equiv="refresh" content="3;index.php">';
}
Thank you! :D
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

well since the user that runs php owns the files, you might be able to chown them to your user.. but this makes it impossible for the script to delete them probably. What about chgrp? Is your user and the php process user under the same group? If so, that's the route. Last resort is to try chmod.. If that doesn't work, then I'd say you might want to change the method of the files being stored to ftp'ing the files in. That way, your user is their owner.
User avatar
markl999
DevNet Resident
Posts: 1972
Joined: Thu Oct 16, 2003 5:49 pm
Location: Manchester (UK)

Post by markl999 »

I agree with Feyd, chmod sounds like the only option as chown can only be run with root permissions.
User avatar
evilmonkey
Forum Regular
Posts: 823
Joined: Sun Oct 06, 2002 1:24 pm
Location: Toronto, Canada

Post by evilmonkey »

Thanks, I'll give it a shot and shout back. :D
Post Reply