Solved

PHP Script

Posted on 2014-09-15
23
384 Views
Last Modified: 2014-09-19
On a CENT OS box 7:

I have a script that when I run from the SSH works perfects...but running from a browser or cron does not work. I get the following error:

When i run my php page in Browser getting the following error ::

Warning: fopen(property.csv): failed to open stream: Permission denied in /var/www/html/*****/download.php on line 44

Unable to create property.csv ..


I run the same page in SSH :: Using Following command

php /var/www/html/*****/download.php

It run perfectly .. and created csv file.. But not working when i run this page in browser or cron
0
Comment
Question by:Starquest321
  • 11
  • 5
  • 3
  • +3
23 Comments
 
LVL 11

Assisted Solution

by:Radek Baranowski
Radek Baranowski earned 228 total points
ID: 40322988
I guess the reason must be different users running  this php code in both cases.

you must be running your apache/php server as a user who has no permission to write file to /var/www/html/***** directory

check what user runs apache/php (ps -ef | grep httpd) then compare to the user you run shell command as.

compare them users to see what permissions you are lacking. also, there might be some default php settings enforcing some particular limitations in writing foiles to disk.
0
 
LVL 5

Assisted Solution

by:Sir Learnalot
Sir Learnalot earned 91 total points
ID: 40322990
Did you check the permissions of the file? Run ls -l in the directory of the files to see the permissions. Set them correctly if needed with chmod xxx filename where xxx is a numerical value for Read, Write, and Execute.
0
 
LVL 7

Assisted Solution

by:Vimal DM
Vimal DM earned 46 total points
ID: 40323016
Hi,

There are two things you need to look at,

1) Running from browser

htaccess might have been added to this website, which might be blocking the "download.php" direct access from the browse.

2) Running from CRON

Permission needs to be given for the folder or file.
0
 

Author Comment

by:Starquest321
ID: 40323435
vimalmaria:
(1) What command steps in detail can I take to check for option 1.
(2) I have given the folder and file ALL permissions. So how is that possible?
0
 
LVL 5

Expert Comment

by:Sir Learnalot
ID: 40323444
if all permissions are desired enter chmod filename/folder -R 777

where chmod is command to set permissions
filename/folder is desired object to set permissions on
-R sets permissions recursively (on all child objects / sub folders and files)
777 = permissions full read, write, and execute for current user, all users, and admin users
0
 

Author Comment

by:Starquest321
ID: 40323446
Radek Baranowski: I ran the user and this is the result I get:
ps -ef | grep httpd
root      1073     1  0 Sep13 ?        00:00:12 /usr/sbin/httpd -DFOREGROUND
apache   11236  1073  0 03:22 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11256  1073  0 03:22 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11257  1073  0 03:22 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11258  1073  0 03:22 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11259  1073  0 03:22 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11272  1073  0 03:27 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11274  1073  0 03:27 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11275  1073  0 03:27 ?        00:00:01 /usr/sbin/httpd -DFOREGROUND
apache   11276  1073  0 03:27 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11464  1073  0 03:58 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
apache   11465  1073  0 03:58 ?        00:00:00 /usr/sbin/httpd -DFOREGROUND
root     12813 12782  0 12:11 pts/0    00:00:00 grep --color=auto httpd

In the folder. . . this is the permissions:
folder:
drwxrwxrwx. 2 root root   4096 Sep 15 03:58 rets

In the file:
-rwxrwxrwx. 1 root root  3412 Sep 15 04:33 download.php
0
 

Author Comment

by:Starquest321
ID: 40323583
The simply issue: When I run the page in putty its runnign perfect. But in browser giving this error:

Warning: fopen(property_res.csv): failed to open stream: Permission denied in /var/www/html/application/download.php on line 44

I have given all permissions to folder rets .. still no luck...
0
 

Author Comment

by:Starquest321
ID: 40323586
09 * * * * root /var/www/html/applicationrets/download.php

Tried a full path as well.
0
 
LVL 11

Assisted Solution

by:Radek Baranowski
Radek Baranowski earned 228 total points
ID: 40323642
are you using 'w' flag for writing in fopen ?

$output = fopen('php://output', 'w');
0
 

Author Comment

by:Starquest321
ID: 40323665
Yes . .using W+.
It will be an empty file and we will start writing to that file.  If the file does not exist it will create.
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 90 total points
ID: 40323741
It is simply that when you are using SSH, you are logged in under your own user and have permissions to do what you want in your own directories.  When you are running thru Apache, the Apache user is Intentionally limited to what it can do.  This is to prevent malicious people from hacking into your site.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:Starquest321
ID: 40323755
even if I give user:: group as root I still have the same issue. Coult it be that first issue with htaccess?
0
 
LVL 53

Assisted Solution

by:COBOLdinosaur
COBOLdinosaur earned 45 total points
ID: 40323965
I expect Dave is write, but maybe we are looking at the wrong thing.  It might be the references in the script are what is causing the problem.  You have not posted the script and if the code is the source of the program, then all the time being spent guessing and speculating is wasted if there is something simple that can be solved by looking at the code.

Cd&
0
 

Author Comment

by:Starquest321
ID: 40324019
The only logical question I have: Why would it work from SSH? That does not make sense. If the script is broken . . how will it allow itself to run from anywhere. . .
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 90 total points
ID: 40324051
There is no reason to think that the script is broken.  You're not understanding Linux permissions.  SSH requires a user login and anything you run while connected thru SSH runs with the permissions of that user.  Apache runs as it's own very limited user and does not have permissions outside of the web directories.  Setting the 'group' to root has no effect on those permissions.  The 'normal' solution is to use 'su_exec' which allows PHP to run under the permissions of the current user but that is normally used when you are running sites in '/home/user/public_html/'.  I don't know if it works in /var/www/html/ .
0
 
LVL 5

Assisted Solution

by:Sir Learnalot
Sir Learnalot earned 91 total points
ID: 40324052
I believe Dave is correct.
0
 

Author Comment

by:Starquest321
ID: 40324074
I also don't believe the script is broken. It works fine. Right now I can make the owner :: group - root or apache....just stuck here. What to do?

Script works perfect when logged in as root and using SSH
0
 
LVL 11

Assisted Solution

by:Radek Baranowski
Radek Baranowski earned 228 total points
ID: 40324095
post it here, then we could say something more.
0
 

Author Comment

by:Starquest321
ID: 40324129
The trouble area:


            echo "+ {$resource}:{$class}<br>\n";

        $file_name = strtolower("{$resource}_{$class}.csv");
        $fh = fopen($file_name, "w+");


        $maxrows = true;
        $offset = 1;
        $limit = 50;
        $fields_order = array();
                        
            $i=1;
0
 

Author Comment

by:Starquest321
ID: 40324131
Warning: fopen(property.csv): failed to open stream: Permission denied in /var/www/html/application/rets/download.php on line 44
Array
0
 
LVL 11

Assisted Solution

by:Radek Baranowski
Radek Baranowski earned 228 total points
ID: 40324150
well not much more known..

one thing: we have all focused on the directory /var/www/html/application/rets/, although it's only the place of residence of download.php script.

but where does it try to create the file ? where the file is created when you run it from shell ? I suppose that when you run it with shell/php then file gets created in the directory you run the command from

this probably - most certainly - is not the case when you run it via browser. would it be php temp dir ? or any of these two:

; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues.  The alternate is to use the
; cgi.force_redirect configuration below
; http://php.net/doc-root
doc_root =

; The directory under which PHP opens the script using /~username used only
; if nonempty.
; http://php.net/user-dir
user_dir =
0
 

Author Comment

by:Starquest321
ID: 40324787
Are these settings under php.ini?
0
 
LVL 11

Accepted Solution

by:
Radek Baranowski earned 228 total points
ID: 40324796
yes
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now