Upload File Permissions

[Goldwolf]

Hey folks,

 

I recently added the functionality to some web-based support software to handle the upload of files.  The files are uploaded using a very simple upload script.  The server is IIS 7.  PHP version 5.3.5.  Basically the function is:

 

$uploaddir = 'uploads/'.$client.'/'.$case_id.'/';  //$client and $case_id are passed to the function and are just strings.
if (!file_exists($uploaddir)) {
if (!mkdir($uploaddir,0755,true)) { die('Failed to create upload direcorty: '.$uploaddir); }
}
$filename = basename($_FILES['attachment1']['name']);
$uploadfile = $uploaddir . $filename;
if(!move_uploaded_file($_FILES['attachment1']['tmp_name'], $uploadfile)) {
echo '<pre>Your file could not be uploaded.</pre>'; 	
} else {
echo "<h1>File Uploaded Successfully</h1>";
}

 

This is boiled down of course...I would be doing a variety of checks for file types, existing files, etc... etc... but I've stripped that all out for now because:

 

Everytime a file is uploaded, I'm unable to see the file on the network when I browse to the upload directory path.  If I hyperlink to the image, it comes up.  If I have PHP look for it and get file information, it can.  So why can I not see the file when I browse to it in windows explorer across the network?  Had to be a permission thing... so checking the permissions of the directories I created, I found they're all set to 0777, and all the files within the case_id directory are set to permissions of 0666 (according to PHP's fileperms function).  Annoyed, I visited the machine directly and viewed the file permissions.  It seems that the file permissions user groups that are listed for the files are not those that are for the folder.

 

When I try to change individual file permissions using chmod($file,0777) (where $file is the relative path to the file from the current working directory of the script: uploads/client/case_id/test.txt for example) with PHP I can't (I can lower it but never get it higher than 0666).  In fact, if I try to set 0655 it doesn't change at all.  If I change the file permissions directly at the machine (so we're right clicking a file, going to security, clicking editing, clicking add, add my network self to the list and give myself full control) the files appear in windows explorer back at my desk.  If I don't do this, I have some "special" permission that denies me the right to even see the file from my machine.

 

So my big questions are:

 

1)  How do I control the permissions of the file when it is uploaded to allow all user groups access to the file, regardless of whether or not they are in the user groups list for the file or not on the host machine?

 

2)  I always thought setting the file permissions with chmod() was the be-all end-all for allowing access to a file ... but in this particular case chmod doesn't seem to be doing anything.  It changes the file permissions to 0666 or down to 0444 and then back up to 0666 but for whatever reason the permissions are not changed when I view the file directly at the server terminal.  Why?  How is chmod lieing?  P.S. I'm doing this to change the file

 

**note $file = uploads/client/case_id/text.txt

chmod($file, 0xxx); // xxx = 666 or 655 or 777 ... you get the idea.

echo "after change the file $file has file permissions: " . substr(sprintf('%o', fileperms($file)), -4) . "<br />\n";

 

 

 

 

[fugix]

Who is the owner of the directory that the file is in. What is the mode of the directory?

[Goldwolf]

The owner of the file is the account under which the PHP service runs.

 

The mode of the directory it creates is 0777, despite the directory is created with mkdir specifying 0755.