I'm working on a website that uses PHP and I need to allow users to upload files, which will then be copied into a directory within the website. I am having problems with the permissions on the directory that will hold the uploaded files. The website is hosted on a virtual host, and I don't have telnet access, just FTP access.
If I FTP into the website and create the upload directory then the owner and group is set to my FTP username. The permissions on the upload directory are 775 (i.e. owner can do everything, group can do everything, public can only read and execute but not write). I am finding that my PHP script can't write to the upload directory to copy the uploaded files into it. If I change the permissions on the upload directory to 777 (everyone can do everything) then the PHP script can write to the upload directory. But of course I don't really want to allow everyone to write to the upload directory, I'd much rather have the permissions set to 775 to prevent public from being able to write to the directory. I am guessing that the reason I am seeing this behaviour is because my PHP script is being run by Apache, and the Apache username and group is set to "nobody". What are your recommendations for setting permissions on a directory so I can allow my PHP scripts (run by Apache) to write to the directory but without resorting to setting the permissions to 777 which allows anyone to write to the directory? Should I be changing the owner or group on the directory? If so what should I be changing it to and how should I change this since I don't have telnet access? I would still like to have full FTP access to the directory as well. Thanks for any advise! -- NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected]
