Edit document, not permissions

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Clukey
Forum Commoner
Posts: 60
Joined: Fri Apr 21, 2006 9:05 pm

Edit document, not permissions

Post by Clukey »

I am trying to create a script that updates a file with new information, and I don't have to do anything to the information, I just write it directly to the page and I'm done, and I'm using the fwrite method right now but that's making me change the permissions of the file to allow "Everyone" to write to it, so I'm just wondering if there is there any way to edit any kind of file or maybe even the script itself without changing the write permissions?

Thanks.
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

you could do something like this:

Code: Select all

<?php
$thewrittenfile = '/home/public_html/editme.txt';

// Get the files current permissions:
$main_chmod = substr(sprintf('%o', fileperms('$thewrittenfile')), -4);


// Open file for everybody
chmod("$thewrittenfile", 0750);

// Do you codes like normal


//Close file for everybody making it back to it's original form
chmod("$thewrittenfile", $main_chmod);
?>
Clukey
Forum Commoner
Posts: 60
Joined: Fri Apr 21, 2006 9:05 pm

Post by Clukey »

Well, I've heard that too, but unfortunately I need the same amount of permissions to use chmod as I do to use fwrite so it doesn't really help
User avatar
VladSun
DevNet Master
Posts: 4313
Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria

Post by VladSun »

I suppose you are talking about shared server.
If so, I really don't think that changing to 0777 permissions is so big issue. Just try that:

1) find a web site which resides on the same server;
2) find the index page (index.php, index.html, etc.)
3) examine the output of realpath(".")
4) given the information from realpath() and the site name, try readfile("real_path_to_discovered_site/index.php");

I bet you will get an error message ;)
So - don't bother about 0777 permissions ;)
There are 10 types of people in this world, those who understand binary and those who don't
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Re: Edit document, not permissions

Post by volka »

Clukey wrote:but that's making me change the permissions of the file to allow "Everyone" to write to it
Then your script (or the process running the script) falls neither in the category "owner" nor "group" for that file.
please try

Code: Select all

<?php
error_reporting(E_ALL);
ini_set('display_erros', true);

$path = 'path/to/the/file/in/question';

print_stat($path);

function print_stat($path) {
	$s = @stat($path);

	if ( false===$s) {
		echo "cannot stat $path\n";
		return false;
	}

	$m = $s['mode'];
	echo $m & 0040000 ? 'd':'-';

	for($i=6; $i>=0; $i-=3) {
		echo $m & (1<<($i+2)) ? 'r' : '-';
		echo $m & (1<<($i+1)) ? 'w' : '-';
		echo $m & (1<<($i+0)) ? 'x' : '-';
	}

	echo
	' uid:', str_pad($s['uid'], 4, ' ', STR_PAD_RIGHT),
	' gid:', str_pad($s['gid'], 4, ' ', STR_PAD_RIGHT),
	' ', $path, "\n";
	return true;
}
and post the output.
User avatar
VladSun
DevNet Master
Posts: 4313
Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria

Post by VladSun »

Look at these:
http://us2.php.net/features.safe-mode
http://www.suphp.org/Documentation-Modu ... on.en.html

and you will get the idea :)
Remember - your files are owned by your FTP user (usually).
There are 10 types of people in this world, those who understand binary and those who don't
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Safe mode will be removed in php6 ...for a reason.
User avatar
VladSun
DevNet Master
Posts: 4313
Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria

Post by VladSun »

It will be removed, but similar mods will be used. I've just shown the core reasons for not to worry about 0777 permissions on shared servers.
There are 10 types of people in this world, those who understand binary and those who don't
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

It will be always an uphill battle for php to provide such security features from within. Effective measures do not operate from within the application but incorporate the system's own security mechanisms. That would in this case include basic file permission settings.
phpsuexec is a more reasonable approach (but somehow I don't like it ...for no good reason), http://httpd.apache.org/docs/2.0/mod/perchild.html would have been great. But safe mode and 0777 are not so good (e.g. mod_perl doesn't care about php safe_mode settings, nor does ssi or ... or...). I admit it's the reality for many shared hosts, but I will not shed a tear once safe_mode is gone.
Last edited by volka on Fri Aug 31, 2007 7:01 am, edited 1 time in total.
User avatar
VladSun
DevNet Master
Posts: 4313
Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria

Post by VladSun »

I do agree with you, volka :)
There are 10 types of people in this world, those who understand binary and those who don't
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

wow, that was fast :D
Clukey
Forum Commoner
Posts: 60
Joined: Fri Apr 21, 2006 9:05 pm

Re: Edit document, not permissions

Post by Clukey »

Hey, thanks for the replies, to volka, the output was: -rw-r--rw- uid:32276 gid:32277 xmlFile.xml

and to VladSun I don't know how to find another site on the same server, but I imagine it would error, I was just hoping wouldn't have to change the permissions
volka wrote:
Clukey wrote:but that's making me change the permissions of the file to allow "Everyone" to write to it
Then your script (or the process running the script) falls neither in the category "owner" nor "group" for that file.
please try

Code: Select all

<?php
error_reporting(E_ALL);
ini_set('display_erros', true);

$path = 'path/to/the/file/in/question';

print_stat($path);

function print_stat($path) {
	$s = @stat($path);

	if ( false===$s) {
		echo "cannot stat $path\n";
		return false;
	}

	$m = $s['mode'];
	echo $m & 0040000 ? 'd':'-';

	for($i=6; $i>=0; $i-=3) {
		echo $m & (1<<($i+2)) ? 'r' : '-';
		echo $m & (1<<($i+1)) ? 'w' : '-';
		echo $m & (1<<($i+0)) ? 'x' : '-';
	}

	echo
	' uid:', str_pad($s['uid'], 4, ' ', STR_PAD_RIGHT),
	' gid:', str_pad($s['gid'], 4, ' ', STR_PAD_RIGHT),
	' ', $path, "\n";
	return true;
}
and post the output.
Post Reply