?
Solved

Setting file permissions on a web server with php

Posted on 2009-04-28
3
Medium Priority
?
268 Views
Last Modified: 2013-12-12
I am trying to ensure that files I upload onto a web server are available for editing by users who need to download them. I don't want to manually set file permissions as there are too many to do, but I need to set the file permission once the file has been uploaded. I am using the code shown but the routine is not having any effect. The upload folder has 777 permission but the files themselves prior to upload could have a variety of permission settings. The upload process renames the files prior to upload according to a naming convention I have put in place but this should make no difference to the permission setting function.
<!-- This is the pertinent code from the body of the calling file --> 
if (!file_exists($uploaddir . $_FILES["file"]["name"]))
            {
                // Proceed with file upload
                if (is_uploaded_file($_FILES['file']['tmp_name']))
                {
                    // Filename with extension
					$savedFilename = renameFile();
					
					// File was uploaded to the temp dir, continue upload process
					if (move_uploaded_file($_FILES['file']['tmp_name'], $uploaddir.$savedFilename))	
                    {
                        // Now log the uploaders IP adress date and time
                        $date = date("d.m.Y"); 
    					$time = date("h:i:s A");                
                		$fp = fopen($log,"ab"); 
						fwrite($fp,"$date | $time | $userName | $ip | ".$savedFilename." | UPLOAD OK"."\r\n"); 
                		fclose($fp); 
						
						// Set the global flag
						$_SESSION['fileUploadStatus'] = true;
						
						// Filename without extension (always the first 11 characters)
						$savedFilenameNoExt = substr($savedFilename, 0, 11);
						
						// Set the appropriate file permission
						setFilePermission($uploaddir.$savedFilename);
						
						// Insert the data into the database
						insertData($savedFilenameNoExt, $ext);
						
						// Return
						header("Location: mgtAddDoc.php");
                    } 
					else 
					{
                        echo "There was an unspecified error while uploading the file, Please contact an Intranet administrator.";
                        unset($_FILES['file']['tmp_name']);
                    }
                } 
				else 
				{
                    // File was NOT uploaded to the temp dir
                    switch ($_FILES['file']['error'])
                    {
                        case 1:
							print 'The file is too large for the server, please contact an Intranet administrator).'; // php installation max file size error
							break;
						case 2:
							print 'The file is larger than the permissible maximum (25 MB), please hit the back button and try again.'; // form max file size error
							break;
						case 3:
							print 'Only part of the file was uploaded, please hit the back button and try again.';
							break;
						case 4:
							print 'No file was uploaded, please hit the back button and try again.';
							break;
						case 6:
							print "Missing a temporary folder, please contact an Intranet administrator.";
							break;
						case 7:
							print "Failed to write file to disk, please contact an Intranet administrator.";
							break;
						case 8:
							print "File upload stopped by extension, please contact an Intranet administrator.";
							break;
                    }
                }
            }
else 
			{
                echo "Filename already exists, Please rename the file and retry.";
                unset($_FILES['file']['tmp_name']);
            }
        }
<!-- This is the file permissions function -->
function setFilePermission ($theFile)
{
	$fr = fopen($theFile, 'r');
	if(!$fr) 
	{
		// Must be 0777 (octal), NOT just 777 
		if(!chmod($theFile, 0777)) 
		{
			echo "Error - could not open ".$theFile." for reading!";
			exit;
		} 
		else 
		{
			$fr = fopen($theFile, 'r');
		}
	}
 
	$myvalue = fgets($fr, 1024);
	fclose($fr);
	
	return;
}

Open in new window

0
Comment
Question by:kcalder
3 Comments
 
LVL 4

Accepted Solution

by:
joep1978 earned 500 total points
ID: 24255555
setFilePermission only changes the permissions if the file cannot be opened.  The chmod is not performed if it can be opened, and actually I think it's unlikely you could perform the chmod if the file was not readable to the webserver!

If you want to perform the chmod regardless, change the function as follows:-
function setFilePermission ($theFile)
{
        $fr = fopen($theFile, 'r');
 
        // Must be 0777 (octal), NOT just 777 
        if(!chmod($theFile, 0777)) 
        {
                        echo "Error - could not open ".$theFile." for reading!";
                        exit;
        } 
 
        $fr = fopen($theFile, 'r');
        $myvalue = fgets($fr, 1024);
        fclose($fr);
        
        return;
}

Open in new window

0
 
LVL 14

Expert Comment

by:shobinsun
ID: 24257380
0
 

Author Closing Comment

by:kcalder
ID: 31575674
Of course! I should pay more attention to code snippets produced by others before using them. Lesson learned, thanks very much.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses
Course of the Month13 days, 9 hours left to enroll

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question