Steve Jackson wrote:
It does matter in safe mode, unless safe_mode_include_dir is properly set up.You *are* using the correct user/pass? It should be the same as what you use to upload files to your webroot.
If you can't get this to work then try the ftp functions.
Yes I am.
Alternatively, you could consider storing them in a DB.
Yes that's what I was thinking they only need put the username password in once so it might not be such a bad idea. But more I think about this I'm doing this in a strange way. If I upload the file directly to root rather than write it then I won't have any problems. Doesn't matter who owns the file then.
Still this would not work for the same reason you cannot write it there directly, the permissions cannot be circumvented.
I still don't understand (ie you still haven't explained) why you're creating the file somewhere then move it elsewhere. Why can you not use it where it's created, or create it where it's to be used?
I can't create it where it's meant to be used by writing the file
because it would mean changing the permissions of the web root directory
to chmod 777. That was the only way I could get the generator file to
write the php page by 'chmodding' the directory that the files were
being created in to 777. If I do that to the web root it's a security
risk. My idea and it's turned out to be a bad one was to put the
generator file: ie the file writing the page on the fly in a safe
directory IE outside the webroot or in a protected directory. Then move
the file to the web root from the safe directory.
If there is a way to do what you suggest without a security risk I'd buy you a beer and send it to you via ASDL if you'd tell me how ;o).
Cheers, Steve.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
