|
|
Posted by Rik on 12/18/42 11:48
Hmmmz, newsserver was up for a minute, then down again, oh well:
The exact way thing are made now:
In the object handling the post:
if(!file_exists($_SERVER['DOCUMENT_ROOT'].'/path/to/'.$id)){
$makedir = mkdir($_SERVER['DOCUMENT_ROOT'].'/path/to/'.$id, 0777);
if(!$makedir){
$this->set_error('Could not make directory.');
return false;
}
$chmoddir = chmod($_SERVER['DOCUMENT_ROOT'].'/path/to/'.$id, 0777);
if(!$chmoddir){
$this->set_error('Could not set dir's permission');
return false;
}
}
foreach($_FILES as $file){
$imagehandler->handle($file['tmp_name'],
$_SERVER['DOCUMENT_ROOT'].'/path/to/'.$id,$file['name']);
}
$imagehandler is another object, which basically validates, resizes and
then:
imagejpeg($new, $targetdir.'/'.$targetname);
Instead of this, I've trief touch($targetdir.'/'.$targetname), which
already gives an error.
It seems the same script which has created a dir has limited
permissions in that dir?
I've used this testscript to check some things:
<pre>
<?php
error_reporting(E_ALL);
$dir = $_SERVER['DOCUMENT_ROOT'].'/images/houses/242';
$file = '/Logo2.jpg';
$filegroupdir = filegroup ($dir.'/');
$filegroupfile = filegroup ($dir.$file);
$userdir = fileowner($dir.'/');
$userfile = fileowner($dir.$file);
echo "Own group:".posix_getegid();
print_r(posix_getgrgid(posix_getegid()));
echo "Own user:".posix_geteuid();
print_r(posix_getpwuid(posix_geteuid()));
echo "Dir group: ".$filegroupdir;
print_r(posix_getgrgid($filegroupdir));
echo "File group: ".$filegroupfile;
print_r(posix_getgrgid($filegroupfile));
echo "Dir user: ".$userdir;
print_r(posix_getpwuid($filegroupdir));
echo "File user: ".$userfile;
print_r(posix_getpwuid($filegroupfile));
?>
</pre>
Which outputs:
Warning: filegroup(): SAFE MODE Restriction in effect. The script
whose uid is 1149 is not allowed to access /home/user/path/to/image.jpg
owned by uid 65534 in /home/user/path/tesst.php on line 8
Warning: fileowner(): SAFE MODE Restriction in effect. The script
whose uid is 1149 is not allowed to access /home/user/path/to/image.jpg
owned by uid 65534 in /home/user/path/tesst.php on line 10
Own group:65534Array
(
[name] => nobody
[passwd] => *
[members] => Array
(
)
[gid] => 65534
)
Own user:65534Array
(
[name] => nobody
[passwd] => *
[uid] => 65534
[gid] => 65534
[gecos] => Unprivileged user
[dir] => /usr/nobody
[shell] => /sbin/nologin
)
Dir group: 1004Array
(
[name] => group
[passwd] => *
[members] => Array
(
)
[gid] => 1004
)
File group: -snip false-
Dir user: 65534Array
(
[name] => 25m_user
[passwd] => *
[uid] => 1004
[gid] => 1004
[gecos] => User &
[dir] => /home/25m_user
[shell] => /usr/bin/true
)
File user: -snip false-
On trying to delete the image:
Warning: unlink(): SAFE MODE Restriction in effect. The script whose
uid is 1149 is not allowed to access /home/user/path/to/image.jpg
owned by uid 65534
I am very, very confused. I'll have to read up on file/userpermissions
I believe.
Everthing seems to result from a dynamically created dir, in which te
script can write, until it is terminated. Userfilowner seems the same
as myself, but not as the script...
Standard solution as touch($file) before($img,$file) won't work
either...
I'll try creating chmodding only the directory with FTP, and saving the
images dynamically. I'll keep you updated.
Grtz,
--
Rik Wasmus
Navigation:
[Reply to this message]
|