Thank you Tricia for your suggestion .. but ftp_chmod works only in php 5 .. mine is 4.4 and a warning message appears (operation not permitted etc. see: http://www.php.net/ftp_chmod
Having extensively searched for an answer I am convinced that one has to change the mode manually and keep that folder chmoded 0777. I think that it is a securtiy risk but it does seem to be the only answer for now. By the way this is actually a common problem as I have found out searching the net for an answer. Regards, David --- Tricia Thomas <[EMAIL PROTECTED]> wrote: > The problem is, as you say, that PHP is not the same > user as the owner > of your folders and files, therefore you cannot use > PHP to change the > owner or permissions on those files. Nor can you use > FTP to change the > owner of your files. > > If all you need is one or more folders which are > exclusively written to > by PHP try this: > > in FTP change the permissions on the parent folder > to 777 > use PHP to create folder(s) within the parent folder > (which it will then > own and should be able to write to with the normal > permissions > in FTP change the permissions on the parent folder > back to the usual > setting. > > I haven't tried this but it should work. The problem > I have is that I > need both PHP and FTP to be able to write in the > same folders and even > the same files - ugh! > > Tricia > > David Halliday wrote: > > Hello Shuja, > > > > Thank you for your reply. Unfortunately CHMOD > doesnt > > work for me. I get warning messages like: Warning: > > chmod(): Operation not permitted > > > > I gather that the reason is that a PHP script has > a > > different owner than halliday, so unless I > manually > > grant write permission to ALL USERS, chmod will > not > > work. > > > > Te PHP manual says: > > .. The current user is the user under which PHP > runs. > > It is probably not the same user you use for > normal > > shell or FTP access. > > > > and : > > When safe mode is enabled, PHP checks whether the > > files or directories you are about to operate on > have > > the same UID (owner) as the script that is being > > executed. > > > > On my server though safe mode is not enabled !! > > > > And in a tutorial on Zend website, > > > > File Creation and Editing with Filesystem > Functions > > http://www.zend.com/zend/tut/tutorial-jenkins2.php > > > > it says: > > > > <!-- Excerpts --> > > Permissions > > It is important to remember a few key things when > > working with PHP and file creation. PHP runs via > your > > webserver and therefore has the same rights as > your > > webserver. Since most webservers do not run with > > super-user status (root in Unix/Linux, or > > administrator in Windows) you will need to make > sure > > the folders and files you want to edit allow the > > webserver write access. > > > > If you are running Unix or Linux with Apache you > will > > need to change the owner of your files to nobody > or > > www depending on your install. > > <!-- --> > > > > It goes on to suggest changing the owner of the > folder > > or file to 'www' or 'nobody' by doing this: > > > > <!-- --> > > File: chown www file.txt > > Directory: chown www folder1/ > > > > This will change the owner of the file file.txt > (or > > the directory folder1/) to www, thus allowing PHP > via > > Apache to edit the file. > > <!-- --> > > > > I think tt would solve this problem if one could > > create a group and .. somehow .. in the script, > tell > > the server that I am a member of that group. Then > one > > could manually change the mode of /classes/ folder > to > > 0775 just once. > > > > One last point: I read on php.net website > > http://pl2.php.net/features.safe-mode > > someone talking about fixing the sticky bit. It > says: > > "I use mkdir just fine. You just have to make sure > you > > set sticky bits on the directory you are creating > the > > files in. Look at "man chmod" clipping: > > > > 4000 (the setuid bit). Executable files with > this > > bit set will run with effective uid set to the uid > of > > the file owner. Directories with this bit set will > > force all files and sub-directories created in > them to > > be owned by the directory owner and not by the uid > of > > the creating process, if the underlying file > system > > supports this feature: see chmod(2) and the > suiddir > > option to mount(8)" > > > > How is this done? Is it via php script or Cpanel? > > > > thanks, > > David > > --- Shuja Shabandri <[EMAIL PROTECTED]> wrote: > > --------------------------------- > > Hi David, > > Whenever your script needs to write to a folder, > you > > can chmod that folder > > from php > > > > <?php > > > > chmod ("/path/to/folder",intval(777,8)); > > ?> > > and then when you are done writing to the folder. > > chmod it back to 644 or > > whatever needed. > > > > Regards > > Shuja Shabandri > > > > > > On 1/3/06, David Halliday <[EMAIL PROTECTED]> > > wrote: > > > >>Hi > >> > >>Is there any way at all to enable users of a php > >>script to create folders and files on linux/apache > >>servers? > >> > >>Briefly, I have a folder called halliday with a > >>subfolder classes: and I want students from 5 > > > > classes > > > >>to register and login. Now two students from each > >>class will be granted permission to create folders > >>(e.g. class1 etc.. see below) and files (using > mkdir > > > > + > > > >>fwrite), so it would look something like this: > >> > >>/halliday/classes/class1 > >>/halliday/classes/class2 > >>/halliday/classes/class3 > >>/halliday/classes/class4 > >>/halliday/classes/class5 > >> > >>I have been struggling with this for two weeks now > >>without success. To cut a long story short .. the > > > > only > > > >>way I could do this is by manually changing the > >>permission on the folder 'classes' to 777 (or > 0777) > > > > .. > > > >>ie READ + WRITE + EXECUTE for OWNER - GROUP - ALL > >>USERS. Now I think this is a security risk because > >>some students are worse than real life hackers and > >>leaving it like that is not really a good idea. > What > > > > I > > > >>want is to create a group somehow and grant > > > > permission > > > >>to the group only .. not all users. Then when > > > > members > > > >>login the script will 'know' who has the right > >>permission. CAn this be done via php and mysql? > >> > >>Thank you, > >>David ___________________________________________________________ Yahoo! Exclusive Xmas Game, help Santa with his celebrity party - http://santas-christmas-party.yahoo.net/ The php_mysql group is dedicated to learn more about the PHP/MySQL web database possibilities through group learning. Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php_mysql/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
