Reply to Re: Chmod

Your name:

Reply:


Posted by frizzle on 04/11/06 16:25

Jerry Stuckle wrote:
> frizzle wrote:
> > Jerry Stuckle wrote:
> >
> >>frizzle wrote:
> >>
> >>>Jerry Stuckle wrote:
> >>>
> >>>
> >>>>frizzle wrote:
> >>>>
> >>>>
> >>>>>Jerry Stuckle wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>>frizzle wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>>Jerry Stuckle wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>frizzle wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>Jerry Stuckle wrote:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>>frizzle wrote:
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>>Jerry Stuckle wrote:
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>>frizzle wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>>Jerry Stuckle wrote:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>>frizzle wrote:
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>Jerry Stuckle wrote:
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>Gary L. Burnore wrote:
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>On Wed, 05 Apr 2006 07:55:14 -0500, Jerry Stuckle
> >>>>>>>>>>>>>>>>><jstucklex@attglobal.net> wrote:
> >>>>>>>>>>>>>>>>>.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>Standard (DW created files/dirs) have user 'domainname', permissions
> >>>>>>>>>>>>>>>>>>>>'rwx r-x r-x ',
> >>>>>>>>>>>>>>>>>>>>Ftp app uploaded (with chmod 777) have user 'apache', permissions 'rw-
> >>>>>>>>>>>>>>>>>>>>--- --- '
> >>>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>>Frizzle.
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>Is there a possibility to upload files via PHP without Chmodding, and
> >>>>>>>>>>>>>>>>>>>keep the same group / permissions on uploaded files as those uploaded
> >>>>>>>>>>>>>>>>>>>with, say, DreamWeaver or WS_FTP ?
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>Frizzle.
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>>(E.g. with ftp_put() wich i can't seem to get working.)
> >>>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>>Only if you can ftp in as the web server.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>It depends on the ftp server, actually. Our ftp server correctly sets
> >>>>>>>>>>>>>>>>>the permissions for you when you push. Seems your ISP has something
> >>>>>>>>>>>>>>>>>set incorrectly.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>No, he was asking how to upload files with PHP - not with FTP.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>--
> >>>>>>>>>>>>>>>>==================
> >>>>>>>>>>>>>>>>Remove the "x" from my email address
> >>>>>>>>>>>>>>>>Jerry Stuckle
> >>>>>>>>>>>>>>>>JDS Computer Training Corp.
> >>>>>>>>>>>>>>>>jstucklex@attglobal.net
> >>>>>>>>>>>>>>>>==================
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>Sorry, kind of lost it here; is it possible to FTP via PHP w/o any
> >>>>>>>>>>>>>>>chmodding etc.
> >>>>>>>>>>>>>>>So i could mail a zipfile to a client, tell them to unpack it and
> >>>>>>>>>>>>>>>upload it, and
> >>>>>>>>>>>>>>>have the upload script up and running ... ?
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>Frizzle.
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>Frizzle,
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>No, you can't upload via PHP. FTP is a system service, just as telnet, ssh and
> >>>>>>>>>>>>>>web server are.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>When you ftp a file to the server, the owner of the file is the userid who
> >>>>>>>>>>>>>>uploaded the file (signed into ftp). But when you upload via PHP, you're using
> >>>>>>>>>>>>>>the web server, and the owner is the userid of the server itself.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>--
> >>>>>>>>>>>>>>==================
> >>>>>>>>>>>>>>Remove the "x" from my email address
> >>>>>>>>>>>>>>Jerry Stuckle
> >>>>>>>>>>>>>>JDS Computer Training Corp.
> >>>>>>>>>>>>>>jstucklex@attglobal.net
> >>>>>>>>>>>>>>==================
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>Ok, thanks.
> >>>>>>>>>>>>>Not to go on and on about this, but the other thing i asked is
> >>>>>>>>>>>>>impossible as well then?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>"So i could mail a zipfile to a client, tell them to unpack it and
> >>>>>>>>>>>>>upload it,
> >>>>>>>>>>>>>and have the upload script up and running ... ?"
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>Frizzle.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>It's easy to ftp or to upload via PHP. Both work quite well (unless the
> >>>>>>>>>>>>server's configuration is screwed up). It's when you try to mix the two you
> >>>>>>>>>>>>start running into permission problems and need to chmod.
> >>>>>>>>>>>>
> >>>>>>>>>>>>--
> >>>>>>>>>>>>==================
> >>>>>>>>>>>>Remove the "x" from my email address
> >>>>>>>>>>>>Jerry Stuckle
> >>>>>>>>>>>>JDS Computer Training Corp.
> >>>>>>>>>>>>jstucklex@attglobal.net
> >>>>>>>>>>>>==================
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>owkaaaaayyyy, i never realized ftp and uploading aren't the same
> >>>>>>>>>>>thing...
> >>>>>>>>>>>I don't need to mix them, i need a script to upload files, wich can
> >>>>>>>>>>>prefferably
> >>>>>>>>>>>run without any chmodding etc.
> >>>>>>>>>>>
> >>>>>>>>>>>Frizzle.
> >>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>Ok, you just need to ensure you have the original directory permissions set
> >>>>>>>>>>properly, then. In a typical installation the directory would be owned by the
> >>>>>>>>>>webserver's userid with permissions of 755.
> >>>>>>>>>>
> >>>>>>>>>>And I hope I didn't confuse you. You can upload via HTTP, or with the ftp PUT
> >>>>>>>>>>command. In either case the file ends up on the server. But how it gets there
> >>>>>>>>>>is much different.
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>--
> >>>>>>>>>>==================
> >>>>>>>>>>Remove the "x" from my email address
> >>>>>>>>>>Jerry Stuckle
> >>>>>>>>>>JDS Computer Training Corp.
> >>>>>>>>>>jstucklex@attglobal.net
> >>>>>>>>>>==================
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>When i create a new folder, either via Plesk, Dreamweaver or WS_FTP,
> >>>>>>>>>folders are standard chmodded 755.
> >>>>>>>>>That should be allright then ...
> >>>>>>>>>
> >>>>>>>>>Frizzle.
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>>*Should be* is the key. If your host has things set ip properly, then yes you
> >>>>>>>>should be OK. But if not...
> >>>>>>>>
> >>>>>>>>And I'm not sure about Plesk, but I know DreamWeaver and WS_FTP both use ftp to
> >>>>>>>>transfer files. I suspect Plesk does, also.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>--
> >>>>>>>>==================
> >>>>>>>>Remove the "x" from my email address
> >>>>>>>>Jerry Stuckle
> >>>>>>>>JDS Computer Training Corp.
> >>>>>>>>jstucklex@attglobal.net
> >>>>>>>>==================
> >>>>>>>
> >>>>>>>
> >>>>>>>Well, ok, but where should i focus now to build a script to upload
> >>>>>>>files to my server?
> >>>>>>>FTP, or an other file transfer method?
> >>>>>>>It would be ideal if i could also create / delete folders ...
> >>>>>>>
> >>>>>>>Frizzle.
> >>>>>>>
> >>>>>>
> >>>>>>
> >>>>>>Frizzle,
> >>>>>>
> >>>>>>It depends on how you want to do things. If you're going to be the only one
> >>>>>>uploading, you can do ftp or http uploads. If you have users who may not be
> >>>>>>familiar with ftp, you should do http uploads.
> >>>>>>
> >>>>>>The downside of http uploads is you can't synchronize files between your local
> >>>>>>copy and the website with products like Dreamweaver.
> >>>>>>
> >>>>>>You can create and delete directories in PHP also, assuming your host hasn't
> >>>>>>disabled these functions and you have the appropriate permissions. So that's
> >>>>>>not a problem.
> >>>>>>
> >>>>>>It's all in how you want to maintain your site.
> >>>>>>
> >>>>>>
> >>>>>>--
> >>>>>>==================
> >>>>>>Remove the "x" from my email address
> >>>>>>Jerry Stuckle
> >>>>>>JDS Computer Training Corp.
> >>>>>>jstucklex@attglobal.net
> >>>>>>==================
> >>>>>
> >>>>>
> >>>>>It's meant for a user based site; users with certain priviledges are
> >>>>>allowed to add news and files to the site. No synchronizing
> >>>>>needed. Mostly images and mp3's, maybe some docs etc.
> >>>>>
> >>>>>Frizzle.
> >>>>>
> >>>>
> >>>>In that case I would suggest http uploads.
> >>>>
> >>>>Maybe the easiest way is to have an admin page where you can let PHP create the
> >>>>root directory(s) you wish, then let the main part of the site upload into these
> >>>>directories and, if necessary, create new directories.
> >>>>
> >>>>If the webserver creates them it will be the owner, also.
> >>>>
> >>>>--
> >>>>==================
> >>>>Remove the "x" from my email address
> >>>>Jerry Stuckle
> >>>>JDS Computer Training Corp.
> >>>>jstucklex@attglobal.net
> >>>>==================
> >>>
> >>>
> >>>Hmm, hope i'm not back at the start (the chmodding part) i get an
> >>>error:
> >>>
> >>>Warning: move_uploaded_file(): SAFE MODE Restriction in effect. The
> >>>script whose uid is 10008 is not allowed to access / owned by uid 0 in
> >>>/home/httpd/vhosts/host.com/httpdocs/test/admin/ftp2.php on line 17
> >>>
> >>>Here is some more debugging info:Array
> >>>(
> >>> [userfile] => Array
> >>> (
> >>> [name] => photo.jpg
> >>> [type] => image/jpeg
> >>> [tmp_name] => /tmp/phpejdmGr
> >>> [error] => 0
> >>> [size] => 11469
> >>> )
> >>>
> >>>)
> >>>
> >>>
> >>>Does this have something to do with the Chmodding again ? (Please tell
> >>>me it doesn't...)
> >>>
> >>>Frizzle.
> >>>
> >>
> >>I have no idea - don't know what code you're using.
> >>
> >>But it looks like you're trying to access the system root directory ('/') -
> >>which is owned by root. You can't do it.
> >>
> >>
> >>--
> >>==================
> >>Remove the "x" from my email address
> >>Jerry Stuckle
> >>JDS Computer Training Corp.
> >>jstucklex@attglobal.net
> >>==================
> >
> >
> >
> > You were right, i forgot a dot (shame on me) in the path. My code is
> > below.
> > Having fixed that, it gave me the next (of how many :s ) error:
> >
> > --- ERROR ---
> >
> > Warning:
> > move_uploaded_file(/home/httpd/vhosts/host.com/httpdocs/new/admin/uploads/photo.jpg):
> > failed to open stream: Permission denied in
> > /home/httpd/vhosts/host.com/httpdocs/new/admin/ftp2.php on line 17
> >
> >
> >
> > Warning: move_uploaded_file(): Unable to move '/tmp/phpzeJkaC' to
> > '/home/httpd/vhosts/host.com/httpdocs/new/admin/uploads/photo.jpg' in
> > /home/httpd/vhosts/host.com/httpdocs/new/admin/ftp2.php on line 17
> >
> > Possible file upload attack!
> > Here is some more debugging info:Array
> > (
> > [userfile] => Array
> > (
> > [name] => photo.jpg
> > [type] => image/jpeg
> > [tmp_name] => /tmp/phpzeJkaC
> > [error] => 0
> > [size] => 11469
> > )
> >
> > )
> >
> > --- END ERROR ---
> >
> > The folder i'm trying to access is /test/admin/uploads
> > and it does exist. (checked).
> > I hope you can tel me what's wrong. Anyway, i really appreciate all
> > your effort for trying to help me!
> >
> > Frizzle.
> >
> > My entire exact code is below:
> >
> > ++++++++++++++++++++++++++++++++++++++++++++++
> >
> > <?php
> >
> > require_once('../inc/globals.php');
> >
> > /*$ftp_conn = @ftp_connect( $default_ftp_server )or
> > die('<b>Error!</b><br>FTP Host Niot Found!');
> > @ftp_login( $ftp_conn, $default_ftp_user, $default_ftp_pass )or
> > die('<b>Error!</b><br>Wrong FTP-login name or FTP-pass!');
> >
> > @ftp_close( $ftp_conn );*/
> >
> > if( isset( $_FILES['userfile'] ) ){
> >
> >
> > $uploaddir = './uploads/';
> > $uploadfile = $uploaddir . basename($_FILES['userfile']['name']);
> >
> > echo '<pre>';
> > if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
> > echo "File is valid, and was successfully uploaded.\n";
> > } else {
> > echo "Possible file upload attack!\n";
> > }
> >
> > echo 'Here is some more debugging info:';
> > print_r($_FILES);
> >
> > print "</pre>";
> >
> > };
> >
> > ?>
> > <form action="<?php echo $PHP_SELF; ?>" method="post"
> > enctype="multipart/form-data" name="images" target="_top" id="images"
> > class="form">
> > <input name="userfile" type="file" id="userfile">
> > <br>
> > <input type="submit" name="upload" id="upload" value="Upload!">
> > <input name="cancel" type="button" id="cancel" value="Cancel"
> > onClick="javascript:if(confirm('Sure?')){ history.go(-1) }else{}">
> > </form><?php
> >
> > if (is_dir($uploaddir)) {
> > if ($dh = opendir($uploaddir)) {
> > while (($file = readdir($dh)) !== false) {
> > if ($file !== '..' && $file !== '.') echo "filename: $file : filetype:
> > " . filetype($uploaddir . $file) . "<br>\r\n";
> > }
> > closedir($dh);
> > }
> > };
> >
> > ?>
> >
> > ++++++++++++++++++++++++++++++++++++++++++++++
> >
>
>
> OK, who owns the directory, and what are its flags? And what's the userid of
> the webserver?
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstucklex@attglobal.net
> ==================

User: domainname
Group: psacln
Permissions: rwx r-x r-x

Userid i don't know. How could i check that ?

Frizzle.

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация