You don't want to store the files in the root public directory. Create a subdirectory for uploads, 'public-html/uploads' for example. Make sure it's permissions are 755. From the command line, 'chown nobody,nobody uploads' would do it. The syntax for chown is 'chown <user>,<group> <file/directory>'.
David Piasecki Software Engineer Netvolution.com, Inc. http://www.netvolution.com 548 South Spring Street, Suite 814, Los Angeles CA 90013 Phone: 213-593-1090 x107 Fax: 213-593-1091 -----Original Message----- From: Kevin Stone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 12, 2001 11:24 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [PHP] Help creating an image repository/library. That would be an ideal solution. But one of my problems is that I'm not very familiar with permission settings. All I know about is CHMOD. What exactly is CHOWN and how would I set it to allow the script upload to a public directory without risking the security of the web site? Thanks! -Kevin > Can you chown the directory to the same user as the web server runs as > (ie. nobody)? At that point, you will be able to upload into that > directory while retaining the directory permission of 755. > > > > -----Original Message----- > From: Kevin Stone [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, December 11, 2001 2:50 PM > To: [EMAIL PROTECTED] > Subject: Re: [PHP] Help creating an image repository/library. > > > Yes, I do reference the image filename in the database.. regardless of > where > I save it. That is not the issue. > > The problem is that I can not save the image in a location where I can > access it via a URL (ie. http://www.mydom.com/images/myimage.jpg). If I > could then there would be no problem. But I am advised to keep the > directory permissions of the public HTML directory set to 755 which > means > that any script excecuting within that directory inherits the user > permissions (can read, can't write, can execute). "Can't write" is the > clincher. > > I can save the images outside the public html directory but then I can > not > grab the image via a URL. The only way to access the image is to fopen > and > fread it to the client browser which means that I must set the header > ("Content-type image/jpeg"), which means that I can not display HTML on > the > same page. > > It's a catch22.. I can't display an uploaded image along with HTML on > the > same page unless it is uploaded to a public directory. I can not upload > toa > public directory unless I CHMOD it to 777. I am not allowed to CHMOD > the > directory so I have to save the images outside the public html > directory. I > can not display an uploaded image along with HTML when I have to fread() > the > file to the screen. > > **pant pant** > > There will be thousands of images (4000 - 5000 when complete) and it has > been advised to me not to save them in a MySQL database as it can > significantly reduce search times. Is this true? > > -Kevin Stone > > > Presumably, each item in the catalog has a unique id of some sort in > > the database. When you upload the images, you can rename the image > > file to image_(unique_id).jpg. Then when you load a page, you can > > reference the item next to the image. > > > > This is only one way to do it, of course. You could also store the > > image names in another database and link the tables when calling the > > data for the jewelry. > > > > jim > > > > > > >I have written a simple image uploading system to go along with a > simple > > >database. This will be a part of a publiclay accessable search > engine > for a > > >jewelry companie's web site. Almost every entry has a corresponding > image. > > >But that was the easy part... The problem now is that I need to > display > the > > >images next to the corresponding info on the same page. > > > > > >I do not know much about UNIX permissions but I am strongly advised > to > keep > > >the permission settings on the public-html directory set to 0755 at > the > very > > >least. Since the PHP script inhereits user permissions (and not the > Owner's > > >permission) this means that I can not upload the files to the > Public-html > > >directory where I could easily grab them with a URL. The only place > I > have > > >access is outside the public html directory. Of couse I can open any > number > > >of images I like and read them to the browser screen... but they can > not > > >mingle with HTML becuase I have to set the header("Content-type: > > >image/jpeg") in order to display the image in the first place. > ARRGGH! > > > > > >It is forcing me to use frames or a floating window to display the > images.. > > >which is absoutely totaly unacceptable. Aside from being a hack > solution > > >there is no way I can align the images with the corresponding > database > info. > > >And inline frames are not supported by all browsers. > > > > > >*sigh* > > > > > >I am being blocked on all ends and I need a solution fast. Any help > will > be > > >**GREATLY** appreciated. > > > > > >-Kevin Stone > > > > > > > > >-- > > >PHP General Mailing List (http://www.php.net/) > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >For additional commands, e-mail: [EMAIL PROTECTED] > > >To contact the list administrators, e-mail: > [EMAIL PROTECTED] > > > > > > -- > > Jim Musil > > --------- > > Multimedia Programmer > > Nettmedia > > ------------- > > 212-629-0004 > > [EMAIL PROTECTED] > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
