I hope someone can help with this. In order to upload images to my site I have to have the directory permissions set to 777, which I know is a no-no.
I am giving fictitious details for obvious reasons.
To log into my cPanel my usename is “user” and my password is “password” (not really).
So when I look at my directory info in Fetch (ftp program) it says the owner and the group are called “user”, Others doesn’t have a name.
When I create a database it has to be prefixed by “user_”, so does the mySQL username.
When I connect to the database using php I have: $link = new mysqli(‘localhost’, ‘user_somename’, ‘password’, ‘user_dbname’);
Now I know that I have only mentioned by mySQL database username and password, and that is probably only used for connecting to the database, what I don’t understand is how I manage (through my php script) to set my owner and group for the directory I want to upload to too “user”?
Any help would be much appreciated. When I am in charge of the uploads, I usually use Fetch to change permissions to 777 and then back to 755. But I want to help a friend with a website, and he won’t want to be phoning me every time he wants to upload some files. And anyway, I would rather not muck around like that myself.
It sounds odd that you have to set permissions each time you upload. I’ve never had to do anything like that. Normally, and ftp client just uploads images to a folder, no questions asked. Could you say a bit more about how these sites are set up? Is there a CMS involved?
I am trying to upload images using the following php script:
<!-- -------------------------------------------- -->
<!-- "image_upload_script.php" -->
<!-- -------------------------------------------- -->
<?php
// Access the $_FILES global variable for this specific file being uploaded
// and create local PHP variables from the $_FILES array of information
$fileName = $_FILES["image"]["name"];
// The file name
$fileTmpLoc = $_FILES["image"]["tmp_name"];
// File in the PHP tmp folder
$fileType = $_FILES["image"]["type"];
// The type of file it is
$fileSize = $_FILES["image"]["size"];
// File size in bytes
$fileErrorMsg = $_FILES["image"]["error"];
// 0 for false... and 1 for true
$fileName = preg_replace('#[^a-z.0-9]#i', '', $fileName);
// filter
$kaboom = explode(".", $fileName);
// Split file name into an array using the dot
$fileExt = end($kaboom);
// Now target the last array element to get the file extension
// START PHP Image Upload Error Handling -------------------------------
if(!$fileTmpLoc) { // if file not chosen
echo "ERROR: Please browse for a file before clicking the upload button.";
exit();
} else if($fileSize > 5242880) { // if file size is larger than 5 Megabytes
echo "ERROR: Your file was larger than 5 Megabytes in size.";
unlink($fileTmpLoc);
// Remove the uploaded file from the PHP temp folder
exit();
} else if(!preg_match("/\\.(gif|jpg|png)$/i", $fileName)) {
// This condition is only if you wish to allow uploading of specific file types
echo "ERROR: Your image was not .gif, .jpg, or .png.";
unlink($fileTmpLoc);
// Remove the uploaded file from the PHP temp folder
exit();
} else if($fileErrorMsg == 1) { // if file upload error key is equal to 1
echo "ERROR: An error occured while processing the file. Try again.";
exit();
}
// END PHP Image Upload Error Handling ---------------------------------
// Place it into your "uploads" folder now using the move_uploaded_file() function
$moveResult = move_uploaded_file($fileTmpLoc, "../../gallery/images/$fileName");
// Check to make sure the move result is true before continuing
if($moveResult != true) {
echo "ERROR: File not uploaded. Try again.";
exit();
}
// Include the file that houses all of our custom image functions
include_once ("ak_php_img_lib_1.0.php");
// ---------- Start Adams Universal Image Resizing Function --------
$target_file = "../../gallery/images/$fileName";
$resized_file = "../../gallery/images/resized_$fileName";
$wmax = 709;
$hmax = 709;
ak_img_resize($target_file, $resized_file, $wmax, $hmax, $fileExt);
// ----------- End Adams Universal Image Resizing Function ----------
// ---------- Start Adams Convert to JPG Function --------
if(strtolower($fileExt) != "jpg") {
$target_file = "../../gallery/images/resized_$fileName";
$new_jpg = "../../gallery/images/resized_" . $kaboom[0] . ".jpg";
ak_img_convert_to_jpg($target_file, $new_jpg, $fileExt);
}
// ----------- End Adams Convert to JPG Function -----------
// ------ Image Thumbnail(Scale) Function ------
$target_file = "../../gallery/images/resized_$fileName";
$resized_file = "../../gallery/images/thumb_$fileName";
$wmax = 150;
$hmax = 150;
ak_img_resize($target_file, $resized_file, $wmax, $hmax, $fileExt);
// ------- End Image Thumbnail(Scale) Function -------
$store_file = stristr($resized_file, '_');
unlink("../../gallery/images/$fileName");
// Remove original file
?>
As I said in my original post, the owner and group on the server have the name “user” (remember, this is fictitious). On my Mac, which I am uploading from, my username is cliffgs. So I assume that it is “cliffgs” that is uploading the image using the above script, and that is why the permission is denied. How can I upload as user = “user”? Or is it that I have not grasped the whole idea of permissions.
If it were only me, I would possibly do that, although uploading through a webpage interface is easier, especially as a database is involved. However, I am trying to develop something for a friend who really knows how to browse the web only (and can fill in forms, etc). To ask him to use an ftp client would be fraught with danger.
So s I said above, how can I upload the images as whatever the username of the owner of the directory on the Server?
I think you are barking up the wrong tree with users - I have never had to set a user on any website as the server sorts all the details out for you. As I understand it the upload script is on the server and so that us the owner of the upload not the computer uploading it.
If you have a permission problem it is to do with the folders and if they are at 755 when created it should work. So you are setting the permission to 777 on the folder gallery/images ?
I am setting 777 on the images folder. I am leaving the gallery folder at 755.
I am interested in your comment that the problem is to do with the folders “that they should be fine if they are at 755 when created”. I think that might be the problem. I didn’t create the folders on the website server using file manager, I uploaded them using ftp. Would it help now if I removed all the images to my local machine, deleted the folders on the server, recreated them with file manager and the correct permissions, and then ftp’d the images back? I use AptanaStudio 3 for development. I usually use that program to syncronise between my local machine and the website server.
What is the correct way to set up a website if you want to be able to upload images or other files at some time in the future? What about the folders which contain the php scripts, should I do anything special about them?
I build my sites on my computer using XAMPP - I tried Aptana a few years ago and did not get on with it; from memory the problem was I like more control.
On my old servers I had to do as you have done which is CHMOD the folders to 777 for uploading as they were all at 644 or 666 when created. Now when I create my folders they are already at 755. For some reason I can now upload into a 755 folder without problem - phpSuExec rings a bell about why.
Anyway as I say I create my site on my PC and upload everything in one go ( folders, files and images ) onto the server and the server sorts out permissions and owners etc.
On a couple of sites I have upload scripts which are uploaded through ftp and they work without changing permissions.
I was going to try the code on my server but can not find ak_php_img_lib_1.0.php on Adams website.
I can not contact you Cliff as you have PM etc. turned off.
Anyway lets forget the other code for a moment and try something simple to see if it still has a problem.
Save this as index.php into a folder and upload the folder to your server; then just navigate to the folder and you should get an upload form.
The folder should have a CHMOD of 755 when it is uploaded set by the server ?
This example will only work with a jpg file and I would try using a smallish file around 600-800px on the longest side for the test.
<?php
// If the form has been submitted do this
if ( isset( $_POST['Submit'] ) ){
// Temporary upload image name
$original_image = $_FILES['filename']['tmp_name'];
// Get the size of the original image into an array
$size = getimagesize( $original_image );
// Set the new width of the image
$thumb_width = "200";
// Calculate the height of the new image to keep the aspect ratio
$thumb_height = ( int )(( $thumb_width/$size[0] )*$size[1] );
// Create a new true color image in the memory
$thumbnail = ImageCreateTrueColor( $thumb_width, $thumb_height );
// Create a new image from file
$src_img = ImageCreateFromJPEG( $original_image );
// Create the resized image
ImageCopyResampled( $thumbnail, $src_img, 0, 0, 0, 0, $thumb_width, $thumb_height, $size[0], $size[1] );
// Save the image as resized.jpg
ImageJPEG( $thumbnail, "resized.jpg" );
// Clear the memory of the tempory image
ImageDestroy( $thumbnail );
echo "<img src=\\"resized.jpg\\">";
}
else { ?>
<p>File to upload:</p>
<form method="post" action="<?php echo $PHP_SELF; ?>" enctype="multipart/form-data">
<input type="file" name="filename" />
<input type="Submit" name="Submit" value="Submit" />
</form>
<?php } ?>