Solved

File permissions and Ownership in Php

Posted on 2014-01-03
7
311 Views
Last Modified: 2014-01-03
Hi all.

Everytime I write a script which involves the creation of files and/or directories I have the same problems: in my Linux server (a shared host) first I must manually set permissions correctly because doing it from the script doesn't produce any result; then, if I need to delete those files, can't do it manually and I must use the script itself.

Today, I had a new problem, because the files created by the script have permissions set to 0000 and I can't delete them nor manually (via an ftp client, I mean) nor via script!

So, please, iluustrate the best practices to manage permissions in order to avoid these problems: I'll be grateful for ever. :)

Cheers
0
Comment
Question by:Marco Gasi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 39754752
1. A file with 0000 permissions can only be deleted by root or the file owner. If the file is owned by the user that PHP is running as, then there shouldn't be any reason that PHP can't unlink the file.

2. If you set the owner (or group) of a directory to the same one that PHP uses, and you have write permissions for owner/group on that directory, then PHP will be able to create files in that directory.

There's no real other "secret" way to manage permissions, unfortunately. Almost all shared hosts use mod_php, which means you're stuck with running PHP as the user / group that Apache uses. It's just a matter of changing permissions to allow that user / group to write to a directory.
0
 
LVL 31

Author Comment

by:Marco Gasi
ID: 39754797
Hi gr8gonzo and thanks for your reply.

I saw now that permissions are set to 0644, but don't ask me how this happened because I don't know. The created directory permissions are 2755: ?

But going on, I would like to know how can I get the user php uses. If I view directory properties using FireFTP, I see the owner is apache so I have to change it using chown command but which user name I have to pass to chown command?

Supposing my hosting provider is using mod_php, means this I have to speak with them to find a workaround? Or there is something I can do?
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 250 total points
ID: 39754833
It depends on how your hosting is setup.  On my main hosting, each account corresponds to and is located in a Linux 'home' subdirectory.  That allows them to use 'suphp' http://www.suphp.org/Home.html to use the permissions of our user account in PHP.  

I don't think most hosts do that though.  If your hosting is set up so that you are not a 'real' user with your own directory, then you won't have normal 'user' permissions and you would have to speak to your hosting company to find out what is available.
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 35

Accepted Solution

by:
gr8gonzo earned 250 total points
ID: 39754844
The simplest way is just to look at the owner and group of a file that is created via a PHP script. That will give you that info right away, but you can also use PHP functions (e.g. get_current_user()) to get that info, too.

If the directory is owned by "apache" and PHP is running as "apache", and if the directory has "7" as the owner bit, then PHP scripts should be able to create new files inside that directory.

Chances are that the hosting company will not have a workaround. Usually shared hosts are so dynamic with their population that it would be difficult to try and create NEW customized behavior for a single customer.
0
 
LVL 31

Author Comment

by:Marco Gasi
ID: 39754909
Well, using get_current_user() function I get my own username, 'delphico'. But the owner of files results to be 'apache'.

@DaveBaldwin: this could mean I have a personal home directory? I'll ask to my provider (but I can't do it now: it seems they have some problem with the server) and eventually I'll ask to install suphp

@gr8gonzo: since current user and owner are different I tried to use chown command but I get Warning: chown() [function.chown]: Operation not permitted
0
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 39754960
Yeah, shared hosts disable quite a few functions (for your own security from others on the same server). You can try to change the owner in FTP, or you can also just create a new directory, give it full permissions and then use PHP to create a subdirectory, and from there, it should be able to read/write files within that subdirectory (and you can use a file manager or FTP to move it into the correct location).

You may be able to just ask your host to set certain permissions, too.
0
 
LVL 31

Author Closing Comment

by:Marco Gasi
ID: 39754974
Thanks guys. I'll use your input speaking with the provider.
Best wishes to you for a wonderful 2014.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question