|
Posted by Richard Lynch on 04/29/05 23:07
On Fri, April 29, 2005 1:51 am, Giulio said:
> Having to read some uploaded files, perform operations on them (
> basically attach them on a single file ), and then save the resulting
> file using ftp, and trying to have the php page as general as possible
> ( I mean have it work on the larger number of server possible and
> without configuration settings ):
>
> 1) Could it be possible to have a php or server config that doesn't
> allow at all to write and read files on the server( I'm afraid yes) and
> how can I detect this situation from code, at least to show a "this
> script can't run here" message?
It's certainly possible for a server to not allow any write access to
anywhere for PHP, and probably even for there to be no possible way for
the end user to alter the permissions of directories/files so they can't
over-ride that...
There is *NO* way for you to detect that from PHP, however, since in many
cases the user/pass that can alter the file permissions is not accessible
to PHP in any way, shape, or form, nor should it be.
I guess you *could* attempt to write in every possible directory on the
server, walking down from "/" to all the directories you can find, and
eventually maybe find one, god knows where, that is writable...
But that would probably get your script banned on every server :-)
> 2) All the upload_and_copy_files_somewhere_else examples relay on a
> destination directory explicitly set in the script. How can i have my
> php discover on its own where it can write and read, no matter the
> position since it is a kind of temporary and working folder, and I'll
> delete all files used when finished?
If you're just going to delete the files after your script is done, why
copy them somewhere else at all?
Your best bet is to try and use the /tmp dir, or, more properly, what PHP
thinks is a "good" place for tmp files.
For that matter, using http://php.net/tmpfile may take care of all your
worries on this one.
If tmpfile doesn't work, then you might as well just give up.
> 3) Which security settings ( safe_mode and so on ) should I be aware
> of?
All of them? [shrug]
You're going to have to read the manual on this one.
> Some good tutorial somewhere?
>
> Thank you so much,
There are a zillion, but I doubt that any of them address a generalized
file upload script...
Maybe check out how applications like squirrelmail handle file uploads
before they send them off to email them out.
--
Like Music?
http://l-i-e.com/artists.htm
[Back to original message]
|