php5 uploading unc path
Posted: Tue Aug 09, 2005 9:41 am
here's another strange thing that doesn't make much sense, but it seems to be the only solution to moving uploads to a UNC path (\\servername\share) in php 5 on win2k3 using iis when you're in basic auth mode (forget about integrated - it doesn't work because it doesn't pass any credentials to php)
the solution: run php as a cgi, not an isapi. yes, i know - performance issues. but im telling you i've tried just about everything. And I'm not blaming PHP on this. It's definitely IIS. I'm guessing that with isapi, since it is loaded like a service and runs as localservice on the server (hence your performance increase) it doesn't handle any kind of impersonation of accounts, even if you force the user to log in. the cgi executable, on the other hand, is invoked on every page call and by whatever user is logged in (iusr_machinename or whatever else). so when the cgi tries to use the move_uploaded_file function to move it from your temp folder ot the unc path, it asks the destination folder if it can put a file there using the security context that the CGI is running under. so if you've validated a domain user with iis's basic auth (better use ssl as well), and that user has write/modify permissions to the destination folder, it should work.
other things you have to check for are: did you set up the web service extension for php in iis? you have to ALLOW the php-cgi.exe file to run. also, check php.ini and make sure your uploads section has the proper stuff.
hope someone can benefit from all this silliness.
jim
the solution: run php as a cgi, not an isapi. yes, i know - performance issues. but im telling you i've tried just about everything. And I'm not blaming PHP on this. It's definitely IIS. I'm guessing that with isapi, since it is loaded like a service and runs as localservice on the server (hence your performance increase) it doesn't handle any kind of impersonation of accounts, even if you force the user to log in. the cgi executable, on the other hand, is invoked on every page call and by whatever user is logged in (iusr_machinename or whatever else). so when the cgi tries to use the move_uploaded_file function to move it from your temp folder ot the unc path, it asks the destination folder if it can put a file there using the security context that the CGI is running under. so if you've validated a domain user with iis's basic auth (better use ssl as well), and that user has write/modify permissions to the destination folder, it should work.
other things you have to check for are: did you set up the web service extension for php in iis? you have to ALLOW the php-cgi.exe file to run. also, check php.ini and make sure your uploads section has the proper stuff.
hope someone can benefit from all this silliness.
jim