Jump to content

Permissions error I can't figure out


Recommended Posts

Can someone please give me some guidance on how to deal with the following warning

Quote

Warning: move_uploaded_file(../usernet/img/60ff59c9f0a830.45733158.jpg): Failed to open stream: Permission denied in /opt/lampp/htdocs/site/admin/add_post.php on line 23

Warning: move_uploaded_file(): Unable to move "/tmp/phpXNeGsj" to "../usernet/img/60ff59c9f0a830.45733158.jpg" in /opt/lampp/htdocs/site/admin/add_post.php on line 23

All directories and files in the path have full owner permissions and I've made myself the owner of them all (I'm on a linux system). I've also done the same with the /tmp folder. I can't even think of anything else to change and haven't found anything online that solves the issue.

in case it's needed, the php is as follows:

<?php
require("assets/initializations.php");

if(isset($_POST['add_post']) && !empty($_FILES['post_image'])) {
    $filename = $_FILES['post_image']['name'];
    $file_tmp_name = $_FILES['post_image']['tmp_name'];
    $filesize = $_FILES['post_image']['size'];

    $file_ext = explode('.', $filename);
    $file_act_ext = strtolower(end($file_ext));
    $allowed = array('jpeg', 'jpg', 'png', 'gif');

    if(!in_array($file_act_ext, $allowed)) {
        header("Location: add_post.php?message=file_type_not_allowed");
    } else {
        if($filesize > 10000000) {
            header("Location: add_post.php?message=file_too_large");

        } else {
            $file_new_name = uniqid('', true) . "." . $file_act_ext;
            $dir = "../usernet/img/";
            $target_file = $dir . basename($file_new_name);
            move_uploaded_file($file_tmp_name, $target_file);
            echo "<script>alert('Image uploaded successfully');</script>";
        }
    }
}

I do get the javascript alert that's it's been successfully uploaded, but the image doesn't make it into the specified directory and I get the warnings at the top. I'm also, probably obviously from the path, using XAMPP server for development. TIA

Link to comment
Share on other sites

4 hours ago, TechnoDiver said:

All directories and files in the path have full owner permissions and I've made myself the owner of them all (I'm on a linux system).

Your user account is the owner and you've given yourself all the necessary permissions. But is PHP running as your user account?

Link to comment
Share on other sites

8 hours ago, requinix said:

Your user account is the owner and you've given yourself all the necessary permissions. But is PHP running as your user account?

If that can be accurately checked by going into PHP interactive mode and entering

echo exec('whoami');

or

print shell_exec( 'whoami' );

 

Then yes, it's running as my user account

Link to comment
Share on other sites

No it can't. Add that code to the PHP file giving you the error then run that code as a user normally would from a web browser. In the case of Linux, the user will normally be 'apache'.

Link to comment
Share on other sites

Posted (edited)
43 minutes ago, gw1500se said:

No it can't. Add that code to the PHP file giving you the error then run that code as a user normally would from a web browser. In the case of Linux, the user will normally be 'apache'.

Ok, I see that now. It comes back as daemon. I was just doing some searching around trying to work out the safest way to change this and I must have found a dozen or more different ways, suggestions etc etc. When I follow up on what they're saying I don't find anywhere that it says a user is 'daemon'  (only my username or root) so I have no idea which one to listen to and feel like I'm in territory where I shouldn't be experimenting too boldly. What would you do here?

Edited by TechnoDiver
Link to comment
Share on other sites

Ok, I was busy trying to figure out how to change the php user that I never thought about changing permissions for 'daemon'. I've only ever seen my username and 'root' as owners or groups so was thinking I had to change the php user to my username. Thanks for the patience.

I do have another question that happened while I was messing about with permissions that maybe you could answer - instead of changing the owner to 'daemon' I had decided to make a group, give it full permissions in the path and then add 'daemon' to that group. That didn't work. Since 'daemon' was also a group I eventually just made it the group owner of the relevant directories and files.

My question is, since the group that is also my username was already the group owner, why couldn't I have just extended the group permissions and add the 'daemon' user to that group and have it work? I really thought that would work, but it didn't. Any good explanation as to why??

Link to comment
Share on other sites

1 hour ago, TechnoDiver said:

why couldn't I have just extended the group permissions and add the 'daemon' user to that group and have it work?

You could have. It's weird, you shouldn't really be adding system users to your personal group, but you could.

PHP should run as an under-privileged user such as (I assume) "daemon". It should not run as your account. If you need it to be able to do certain things then you should be granting it permission.
Here, I think I would change ownership on whatever directory to be owned by your user and the daemon group, then set permissions to 0775.

Link to comment
Share on other sites

15 hours ago, requinix said:

Here, I think I would change ownership on whatever directory to be owned by your user and the daemon group, then set permissions to 0775.

That's exactly what I ended up doing in the end, thank you

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.