File permissions and Ownership in Php

Hi all.

Everytime I write a script which involves the creation of files and/or directories I have the same problems: in my Linux server (a shared host) first I must manually set permissions correctly because doing it from the script doesn't produce any result; then, if I need to delete those files, can't do it manually and I must use the script itself.

Today, I had a new problem, because the files created by the script have permissions set to 0000 and I can't delete them nor manually (via an ftp client, I mean) nor via script!

So, please, iluustrate the best practices to manage permissions in order to avoid these problems: I'll be grateful for ever. :)

Cheers
LVL 31
Marco GasiFreelancerAsked:
Who is Participating?
 
gr8gonzoConnect With a Mentor ConsultantCommented:
The simplest way is just to look at the owner and group of a file that is created via a PHP script. That will give you that info right away, but you can also use PHP functions (e.g. get_current_user()) to get that info, too.

If the directory is owned by "apache" and PHP is running as "apache", and if the directory has "7" as the owner bit, then PHP scripts should be able to create new files inside that directory.

Chances are that the hosting company will not have a workaround. Usually shared hosts are so dynamic with their population that it would be difficult to try and create NEW customized behavior for a single customer.
0
 
gr8gonzoConsultantCommented:
1. A file with 0000 permissions can only be deleted by root or the file owner. If the file is owned by the user that PHP is running as, then there shouldn't be any reason that PHP can't unlink the file.

2. If you set the owner (or group) of a directory to the same one that PHP uses, and you have write permissions for owner/group on that directory, then PHP will be able to create files in that directory.

There's no real other "secret" way to manage permissions, unfortunately. Almost all shared hosts use mod_php, which means you're stuck with running PHP as the user / group that Apache uses. It's just a matter of changing permissions to allow that user / group to write to a directory.
0
 
Marco GasiFreelancerAuthor Commented:
Hi gr8gonzo and thanks for your reply.

I saw now that permissions are set to 0644, but don't ask me how this happened because I don't know. The created directory permissions are 2755: ?

But going on, I would like to know how can I get the user php uses. If I view directory properties using FireFTP, I see the owner is apache so I have to change it using chown command but which user name I have to pass to chown command?

Supposing my hosting provider is using mod_php, means this I have to speak with them to find a workaround? Or there is something I can do?
0
Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

 
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
It depends on how your hosting is setup.  On my main hosting, each account corresponds to and is located in a Linux 'home' subdirectory.  That allows them to use 'suphp' http://www.suphp.org/Home.html to use the permissions of our user account in PHP.  

I don't think most hosts do that though.  If your hosting is set up so that you are not a 'real' user with your own directory, then you won't have normal 'user' permissions and you would have to speak to your hosting company to find out what is available.
0
 
Marco GasiFreelancerAuthor Commented:
Well, using get_current_user() function I get my own username, 'delphico'. But the owner of files results to be 'apache'.

@DaveBaldwin: this could mean I have a personal home directory? I'll ask to my provider (but I can't do it now: it seems they have some problem with the server) and eventually I'll ask to install suphp

@gr8gonzo: since current user and owner are different I tried to use chown command but I get Warning: chown() [function.chown]: Operation not permitted
0
 
gr8gonzoConsultantCommented:
Yeah, shared hosts disable quite a few functions (for your own security from others on the same server). You can try to change the owner in FTP, or you can also just create a new directory, give it full permissions and then use PHP to create a subdirectory, and from there, it should be able to read/write files within that subdirectory (and you can use a file manager or FTP to move it into the correct location).

You may be able to just ask your host to set certain permissions, too.
0
 
Marco GasiFreelancerAuthor Commented:
Thanks guys. I'll use your input speaking with the provider.
Best wishes to you for a wonderful 2014.
0
All Courses

From novice to tech pro — start learning today.