Edit document, not permissions
Moderator: General Moderators
Edit document, not permissions
I am trying to create a script that updates a file with new information, and I don't have to do anything to the information, I just write it directly to the page and I'm done, and I'm using the fwrite method right now but that's making me change the permissions of the file to allow "Everyone" to write to it, so I'm just wondering if there is there any way to edit any kind of file or maybe even the script itself without changing the write permissions?
Thanks.
Thanks.
- tecktalkcm0391
- DevNet Resident
- Posts: 1030
- Joined: Fri May 26, 2006 9:25 am
- Location: Florida
you could do something like this:
Code: Select all
<?php
$thewrittenfile = '/home/public_html/editme.txt';
// Get the files current permissions:
$main_chmod = substr(sprintf('%o', fileperms('$thewrittenfile')), -4);
// Open file for everybody
chmod("$thewrittenfile", 0750);
// Do you codes like normal
//Close file for everybody making it back to it's original form
chmod("$thewrittenfile", $main_chmod);
?>I suppose you are talking about shared server.
If so, I really don't think that changing to 0777 permissions is so big issue. Just try that:
1) find a web site which resides on the same server;
2) find the index page (index.php, index.html, etc.)
3) examine the output of realpath(".")
4) given the information from realpath() and the site name, try readfile("real_path_to_discovered_site/index.php");
I bet you will get an error message
So - don't bother about 0777 permissions
If so, I really don't think that changing to 0777 permissions is so big issue. Just try that:
1) find a web site which resides on the same server;
2) find the index page (index.php, index.html, etc.)
3) examine the output of realpath(".")
4) given the information from realpath() and the site name, try readfile("real_path_to_discovered_site/index.php");
I bet you will get an error message
So - don't bother about 0777 permissions
There are 10 types of people in this world, those who understand binary and those who don't
Re: Edit document, not permissions
Then your script (or the process running the script) falls neither in the category "owner" nor "group" for that file.Clukey wrote:but that's making me change the permissions of the file to allow "Everyone" to write to it
please try
Code: Select all
<?php
error_reporting(E_ALL);
ini_set('display_erros', true);
$path = 'path/to/the/file/in/question';
print_stat($path);
function print_stat($path) {
$s = @stat($path);
if ( false===$s) {
echo "cannot stat $path\n";
return false;
}
$m = $s['mode'];
echo $m & 0040000 ? 'd':'-';
for($i=6; $i>=0; $i-=3) {
echo $m & (1<<($i+2)) ? 'r' : '-';
echo $m & (1<<($i+1)) ? 'w' : '-';
echo $m & (1<<($i+0)) ? 'x' : '-';
}
echo
' uid:', str_pad($s['uid'], 4, ' ', STR_PAD_RIGHT),
' gid:', str_pad($s['gid'], 4, ' ', STR_PAD_RIGHT),
' ', $path, "\n";
return true;
}Look at these:
http://us2.php.net/features.safe-mode
http://www.suphp.org/Documentation-Modu ... on.en.html
and you will get the idea
Remember - your files are owned by your FTP user (usually).
http://us2.php.net/features.safe-mode
http://www.suphp.org/Documentation-Modu ... on.en.html
and you will get the idea
Remember - your files are owned by your FTP user (usually).
There are 10 types of people in this world, those who understand binary and those who don't
It will be always an uphill battle for php to provide such security features from within. Effective measures do not operate from within the application but incorporate the system's own security mechanisms. That would in this case include basic file permission settings.
phpsuexec is a more reasonable approach (but somehow I don't like it ...for no good reason), http://httpd.apache.org/docs/2.0/mod/perchild.html would have been great. But safe mode and 0777 are not so good (e.g. mod_perl doesn't care about php safe_mode settings, nor does ssi or ... or...). I admit it's the reality for many shared hosts, but I will not shed a tear once safe_mode is gone.
phpsuexec is a more reasonable approach (but somehow I don't like it ...for no good reason), http://httpd.apache.org/docs/2.0/mod/perchild.html would have been great. But safe mode and 0777 are not so good (e.g. mod_perl doesn't care about php safe_mode settings, nor does ssi or ... or...). I admit it's the reality for many shared hosts, but I will not shed a tear once safe_mode is gone.
Last edited by volka on Fri Aug 31, 2007 7:01 am, edited 1 time in total.
Re: Edit document, not permissions
Hey, thanks for the replies, to volka, the output was: -rw-r--rw- uid:32276 gid:32277 xmlFile.xml
and to VladSun I don't know how to find another site on the same server, but I imagine it would error, I was just hoping wouldn't have to change the permissions
and to VladSun I don't know how to find another site on the same server, but I imagine it would error, I was just hoping wouldn't have to change the permissions
volka wrote:Then your script (or the process running the script) falls neither in the category "owner" nor "group" for that file.Clukey wrote:but that's making me change the permissions of the file to allow "Everyone" to write to it
please tryand post the output.Code: Select all
<?php error_reporting(E_ALL); ini_set('display_erros', true); $path = 'path/to/the/file/in/question'; print_stat($path); function print_stat($path) { $s = @stat($path); if ( false===$s) { echo "cannot stat $path\n"; return false; } $m = $s['mode']; echo $m & 0040000 ? 'd':'-'; for($i=6; $i>=0; $i-=3) { echo $m & (1<<($i+2)) ? 'r' : '-'; echo $m & (1<<($i+1)) ? 'w' : '-'; echo $m & (1<<($i+0)) ? 'x' : '-'; } echo ' uid:', str_pad($s['uid'], 4, ' ', STR_PAD_RIGHT), ' gid:', str_pad($s['gid'], 4, ' ', STR_PAD_RIGHT), ' ', $path, "\n"; return true; }