File Permissions Of PHP Session Files
I noticed that the file permissions (unix) of the PHP session files
have only read and write permissions for the Apache process (600 or rw-
--- ---).
Does anyone have any idea where this permission is set ? I can't find
any
umask or chmod settings for it in the php.ini file. Can't find
anything in
the httpd.conf either. Is it set in the PHP code that implements
session_start()?
View Complete Forum Thread with Replies
Related Forum Messages:
.php Files - Permissions Are Set Public Readable - So Can Public Get To See Actual Raw File?
As a newbie to PHP is it in anyway possible for a casual web surfer to actually get to see the PHP behind my .php file. E.g. if index.php contained PHP code to check if the page had been called with a variable such as "password", is there anyway a public member can get to see the raw php file and therefore see what the password is? index.php might be: if ($_REQUEST[password]="secret") {[color=blue] >Then show one page[/color] else[color=blue] >show another page[/color] } So if a user visits with index.php?password=secret they get to see the secret page. But as the index.php has to have file permission set so that anyone can read it, I'm worried that the public can just somehow view the file and learn the password.
View Replies !
Files, Permissions
I need to be able to set the owner properties of a file that is being uploaded so that it can be counted towards the file quota. Basically my setup is as follows: A user logins in, uploads a file, and this file is saved in a directory out of the public folder. The problem is that the group and the owner IDs are being set to 'nobody'. This means that the files are not being counted towards a users file quota since it is setup (and I cannot change this part) to count quotas based on file owners. I tried using chgrp and chown but it says I dont have permission to. I cant figure out how to do this.
View Replies !
Writing Files And Permissions.
If Apache is running as the user "www" and "www" is part of my group "wheel" should'nt i be able to create files with php in a directory that has the permissions of 0775? It seems i always need to make the directory 0777 to write to it, which doesnt seem right.
View Replies !
Change Permissions On Files
I understand that chmod(); is to change the permission on folder, but is it also used for changing file permissions? I need to take the images my users upload and change their permissions so they can delete them.
View Replies !
Permissions / Retrieving Uploaded Files
I have set up a website where visitors can upload files. We then ftp into the server to retrieve those files, however we cannot access them as they are chmod'ed to 600 by default. How do we gain access to these files, or chmod them when they are first uploaded by the user so we can download them with ftp? Added note - the server is telling me that the owner of the uploaded files are 'apache', which I guess is the default set up. Also tried the chmod command, but had no luck 'permission denied'..
View Replies !
Users/permissions/files - LAMP
So I'm considering a small project that involves online file storage. Let's say I wanted to set up a site that allows people to log-on, create an account, and then have space to upload files. The problem I'm having concerns permissions, basically. Code:
View Replies !
Session Files (text Files) Deleted After Sometime When User's Session End
In developing a recent project, I want to implement a feature, that certain query results will be written to a text file, after the user's session end for twenty minutes, the text file will be deleted automatically. I know in win/IIS/asp how to config this feature, but no idea how to do these in linux/apache/php. Php manual's session_save explain is not helpful enough. Anybody have such experience??
View Replies !
Session Permissions Change Without Warning (HELP)
I run Apache2 and PHP5 and most of the time it works fine with my scripts. Then occasionally, and it doesn't seem to make any difference when, I'll get php session errors, saying that that permission is denied. I've checked the /private/tmp folder (desig in php.ini) for permissions and it's fine (drwxrwxrwt). But here's the weird bit. when I first hit a website, it places a session tmp file in /private/tmp just like it should, with permissions of: Then suddenly without warning I'll get session errors from the PHP scripts and the session files will have changed permissions to: ---------- nobody wheel Does anyone have ANY idea why the session tmp files would change permissions like that? Can't find anything on google and I'm stumped.
View Replies !
Changing Write Permissions Of Files And Folder
i want to make the files and folder in my server write protected. i want to change the file read write permissions dynamically so that i can change the write permission of the folder and upload files to it and again make the folder write protected.
View Replies !
File Permissions
Im in the process of creating a web based frontend for a program called ASK (Active Spam Killer - http://a-s-k.sourceforge.net) and am currently running into a problem. Currently there is a perl based web front end, but it lacks functionality, and is rather bland, although it does work, and it works without changing any file permissions. The problem im running into is that PHP requires me to make changes to file permissions (ASK files are located OUTSIDE of the web tree) which might end up causing problems as far as security and privacy of email. Has anyone come to any reasonable answer for this type of problem as im sure its a issue for other programs people write.
View Replies !
File Permissions....
I've read the stuff concerning writing to a text file and the related file permission issues on this forum.I have a script that does just that, it takes user-entered data from a Web Form and dumps it to a text file on a server. This works fine on my private server, but is giving me the error...."Could not open stream.Permission denied on Line..." on the company server...The Company machine uses Windows XP. I've tried talking to the System Administrator regarding the Permissions,but he says that giving READ/WRITE/EXECUTE Permissions could create Security Issues. I have been told that previously,a script written in ASP had been used that did exactly the same thing i.e writing to the text file, but there were no File Permissions needed to be set!
View Replies !
Problem With File Permissions : PHP / FTP
My php-script makes directories and puts files in it. But via FTP'ing, I can't delete those files anymore. Also, I need to put a whole bunch of existing files into these, 'made-by-php' directories, and that seems impossible by means of FTP. I get an 'access denied' error every time.
View Replies !
File Permissions After Copy()
This function basically creates a new dir in a determined location and copies the files from an established dir to the new dir. It copies the files and creates the folder ok, bit it sets the file permissons to 755 for the new folder and file contents. I then get a 550 error if I try to delete or chmod them. Any suggestions? I get permission errors in the script if I use the chgrp and chmod functions also. PHP Code:
View Replies !
File Permissions In Win98
I just wanted to know if there was any way I could change my file permissions so I can use the fopen function in windows 98 using Apache and PHP 4.04???? I know how to do it for Linux but I need it for Win 98.
View Replies !
Change File Permissions
i'm trying to create a file management tool online using php. Everytime i copy or create files or folders though it assigns ownership of the new files or folders to the apache id. i tried using backticks, exec, shell_exec and the php shell commands. php safe mode is off. i can create the files and folders using shell commands and have tried to change ownership using chown but that doesn't seem to do anything. any insight can help. the goal is to be able to create these files with the same admin user ownership as all the other files on the site.
View Replies !
CHMOD File Permissions
i have a few question about file permissions. which is the best way to set a permission to a mp3 tha ti can play on the website, but if anyone try to get it from the directory they wont be able to? like if i am playing thissong.mp3 and someone went to the directory to try and get the file music/songs/thissong.mp3 they would get some kind of error. also for folders that don't have a index file. which permission would be the bes tinstead of creating a number of index for each, but not give a use permusic to see the context if the go to mydirectory/functions/ .
View Replies !
File/folder Permissions
I have an upload function that uploads images into a folder. The folder is set to 777. However when I upload an image file to the folder, the file uploaded is set to 600. Therefore it wont appear on web. I'm not sure why this is doing this for?? Im using the php function move_uploaded_file to upload the file.
View Replies !
File Write Permissions
I'm trying to get an open source PHP app working for my company. It's giving me the following custom error: FreeMED was unable to create a file to record the healthy status of the system. The FreeMED directory should be owned by the user that the webserver is running as... Usually this is 'apache'. You can also fix this by giving universal write access to the home directory of FreeMED. But that is not advisable from a security standpoint. I've narrowed it down to the line of PHP that's breaking it here: $test = CreateObject('FreeMED.FreeMEDSelfTest'); As far as I can tell, I've made the directory it's using as open as possible and it's still giving me that error. The owner is apache (user and group) and the permissions are (temporarily) set at 0777 (universal read/write). Is there some PHP or Apache configuration that needs changed to allow PHP this kind of permission?
View Replies !
File Permissions Windows
i am using the LOAD DATA INFILE to load from a txt file. Although it works fine with the MySQL command it does NOT work with Script...does anybody know why?
View Replies !
File Permissions On Upload
I am uploading picture. This is part of the code if(!move_uploaded_file($_FILES['fullSizePic'.$propId.$i]['tmp_name'], '../images/properties/'.$imageName) ){ chmod('../images/properties/' . $imageName , 0777); } The file uploads and moves into the properties folder. That folder's chmod is 777, but the file's chmod is only 600 making it unreadable by the server. I try to chmod it with php (as you can see above) and it doesn't work.
View Replies !
Not Enough Permissions To Delete A File
I want to delete a file using unlink() function. I'm getting a warning that says that I have no permissions to do that. I suppose that is because the file I'm trying to delete is under the root directory path. I searched the forum about deleting files but found nothing alike my problem...
View Replies !
Upload File Permissions Problem
I've moved an existing site (which I didn't write) from a apache/php/mysql host under windows to a linux apache/php/mysql host. I've sorted out most problems except one. There is an upload function on the site, which uploads files via POST to temp folder and then moves it into a folder on the host using php function move_uploaded_file. Under windows this works fine but on the linux host the uploaded file is created with 600 permissions so it cannot be accessed later by site visitors. The folder it is uploaded into has 755 permissions. Is there a way of setting the default file permissions so each uploaded file can be set to say 644 or do I need to chmod each file after upload?
View Replies !
Creating A File, Uploading, And Permissions
I'm using php4 and i want to check for a file, if it doesn't exist it should be created. My problem is i have to create it with specific permissions specifically 666 so that the script can then write to it. I don't have ftp access. I'm also looking for any tutorials, recent ones, using php4 for creating file upload areas, i'm trying to make one of those as well.
View Replies !
File And Directory Permissions For PHP Application
I make the directory 0777 and then write the file then i make the file i tried a few but they keep from being read im sure the file is ok i think i can handdle file permissions but i think its directory permissions im having a prob with. Its an image file i write it and then need to use it so make the directory 0777 and then write the file and then what to the file and what to the directory ? i am using php ftp() but if anyone knows any differences with php chmod() then please tell me apart from that i do a 777 righth now and leave it at that. what should i being to the directory and file after to make it secure because i dont whant people tampering with them ? OH AND THIS PROBS ON TH MAC OSX 10.4 TIGER my chmoding works fine on linux the way it is 0777 and then a 655 + somtimes i play with the permissions of the directory throgh the os GUI or the shell and i got it to tell me i dont have permissions in the OS but in PHP its ok is this coz PHP got ownership of it when i messed with the addtional BIT.
View Replies !
File Permissions Denied Error
i'm using the following code to create a file. PHP Code: $fn = "file.php"; $FileHandle = fopen($fn, 'w+') or die("can't open file"); $stringData = "Something"; fwrite($FileHandle, $stringData); fclose($FileHandle); when i check the file properties i can see that the file's permission is set to 644 so when i use the following code to delete it i get a permission denied error. PHP Code: $myFile = "file.php"; $fh = fopen($myFile, 'w') or die("can't open file"); fclose($fh); $myFile = "$file.php"; unlink($myFile); what shall i do to set the permission to 777 when creating the file?
View Replies !
Chmod Mkdir And File Permissions..
I'm trying to create directories and move files with the right permissions. When I make a dir using mkdir I'm setting the permission to 777 to my folder variable $t2 below, but when I check the chmod it's 755? When I copy files over to this folder the file permission are set to 644 and I can't even get rid of them on the server because it won't allow me to delete them. Is there anyway to set permissions to a file as you're using the copy function? Code:
View Replies !
Session Is Working Correctly The Files In /var/lib/php/session Are Not 0 Size
I have two server with almost the same environtment, the only difference is on one apache was built from source and another was rpm. OS: Fedora Core 3 apache 2.0.54 php 5.0.4 On one box session is working correctly the files in /var/lib/php/session are not 0 size when they are expected to hold some session data storing from scripts. But this is not case for another box. The actual session files are created but they are not filled with data as it is expected and they are always 0 size and session variables are empty. Code:
View Replies !
Set Up The Permissions So That My Script Can Simply Fopen A File For Writing.
I am rather new to PHP and a relative newbie to Linux too. I have a webserver at home (Apache 2.0.48 on SuSe 9.0, PHP4). I have some scripts, one of them needs to be able to create logfiles somewhere on my machine. It must also later be able to read from and write to these files again. Sofar I get a permission error. I tried chmodding 666 or 777 the directory in which the files could reside, to no avail. How do I set up the permissions so that my script can simply fopen a file for writing. Or if that's not the issue, what am I doing wrong or overlooking ? The errors: Warning: fopen(logfileslog1.txt): failed to open stream: Permission denied in script1.php on line 142 Warning: fwrite(): supplied argument is not a valid stream resource in script1.php on line 154 Warning: fclose(): supplied argument is not a valid stream resource in script1.php on line 161 It's the first I am puzzled about, the 2nd and 3rd are a logical consequence. By the way, reading from and writing to a file I have previously created myself with exactly the names I tried to get created by the script (echoed the name, ok) is no problem at all. So I don't think it has much to do with a safemode or open_basedir setting. I also tried creating the scripts in the same dir the script itself resides. Did not work either.
View Replies !
Linux File Permissions On Maildir, Apache User
i have the following problem. I am trying to create maildir directories on the local filesystem then chmod, chown them to courier:courier (for courier mail server). the courier mail server reads and writes on these maildirs on the local filesystem and they need to have courier:courier ownership. it does not work because the directories are created with apache:apache ownership and apparently only root can change ownership. My question is as follows. Is the only solution to this problem to add the courier user to the apache group?
View Replies !
Open A File To Store Some Date :: Permissions Dilemma
I want to open a file to store some data. However, when I use fopen('filename', w) I get permission denied. So, I've changed the permissions of the directory to get rid of the permission denied problem. Unfortunately, this seemed to require changing the directory to have permissions 777.
View Replies !
Session Limit (maximum File Size Of A Session)
We all now that upon calling session_start(), it will create a file and in this file the session variables that you assigned will be stored. My question is how big can a session file can be? is there a limit or maximum file size for a session file?
View Replies !
Session Files Will Not Be Deleted
My problem: - i dont wan´t to destroy the session - i want that the session will be deleted by "php" when the gc maxlifetime parameter hits - i can turn this parameter on what i want - nothing will be deleted! - in my specail case - i make use of session_save_path - i use my own Could it be, that "php" doesnt delete session files in own session_save_paths ?
View Replies !
Session Tmp Files Empty
I have PHP 4.0.6 (I'm stuck with this till I can find a hosting company that realizes that upgrading would be a good idea) and I have this simple test: In "test1.php" <? session_start(); $HTTP_SESSION_VARS['test'] = "hey"; header("Location: test2.php"); ?> In "test2.php" <? session_start(); var_dump($HTTP_SESSION_VARS);?> It prints an empty array. So I logged int via telnet and looked at the session files in /tmp and they are all empty and have a file size of 0.
View Replies !
When Do Session Files Get Erased?
I am using filebased sessions with and they get created in a folder called c:php5appssessions I have cookies enabled. I clear the cookies, but when to the session files eventually get erased? Does PHP check the sessions folder everytime for expired sessions and erase them?
View Replies !
Session Files Problem
php is making the session files with another user/group and with them being set to chmod '-rw-------' my https server which is trying to read them cant, they are being set with the user/group from the http server. i have in apache-ssl's httpd. conf 'User https-serv Group https-serv' and in apache's httpd.conf is 'User http-serv Group http-serv'
View Replies !
Unserialize Session Files
Could somebody explane to me how i can unserialize the content of a session file, i allready reading the session files and the content now i only need to unserialize the data in the files. Code:
View Replies !
Session Management And Include Files
Can I manage my sessions through an include file? Example, can I put the following code into an include file: session_start(); $time = $_SESSION['Time']; $user = $_SESSION['User']; $now = time(); echo $now; echo "<BR>$time"; if($now > ($time + 1200)) { $query2 = "UPDATE users SET online = 'n' WHERE username = '$user'"; $result2 = mysql_query($query2); session_destroy();?> <script language=javascript> window.parent.location.href = "index.php"; </script> <? } Then call it from a normal file like so: include "./sess_mgmt.inc"; Also, can I have an include file inside an include file?
View Replies !
Session Data In Included Files
How does a script access the variables in a session file? Scenario: <?-- this is the main script include("main.inc.php") $Username = $myname //myname is a variable in the session file $html = new html; //html class defined in main.inc.php sneds out headers and so on do lots of other php stuff $html -> send_footer() // found in main.inc.php and itself 'includes' footer.php ?> Now footer.php 'included' from within the function send_footer defined in main.inc.php and called by the primary script wants to access $myname, the session variable that stores my user name. i can't seem to get it at all. Has anyone any idea or am i being too vague here? Do I need to do something else at the beginning of footer.php that 'gets' the variable again from the session file? If so, how? The session ID is accessible to it cos I had it print it out to make sure, and the session file does definately hold a variable of the right name, I just can't return the data for some reason.
View Replies !
How To Delete All Sessions (session Files)?
What line(s) of PHP code can I use to delete ALL existing session files? I tried: $_SESSION = array(); session_destroy(); ......but those two lines appear to only delete the session file that was created for the current session.
View Replies !
|
TRACKER
