Topic awaiting preservation: Chmod problems

Ok here is my problem.

I have a comment script on my site. It's a php driven script. It works like this. Every newspost has an unique (blogger) number. When an user submits a comment it makes a file : number.comment. That file has to be 666 to be able to add comments to it etc. Those files are in the map: comments which i even chmod to 777. I chmod the file to 666 but it changes back to 644 every time. So it's impossible to make comments and it gives me an error.

What can I do about it?
I heard there is a php chmod command, but I suck at php.
You can see the script at http://milio.be/~epsilonzero/comments.txt

Hope I've given you enough information...


Signature: My fanpage

[This message has been edited by Milio (edited 11-30-2003).]

[This message has been edited by Milio (edited 11-30-2003).]

Milio: Yep there is a PHP chmod() function:
www.php.net/chmod

It is pretty straightforward and the user comments always help so have a look at it and if you have problems let us know.

___________________
Emps

The Emperor dot org

I don't know a thing about PHP, so yeah I still have problems with it...

Signature: My fanpage

Milio: Righto - well it seems like you now have the incentive for a quick crash course

Your link to the script gives a 404 by the way.

___________________
Emps

The Emperor dot org

404 fixed. For some reason my host decided to completely reinstall the server when all they had to do is change the time for the logs. ANd the backup was 2 days old



Signature: My fanpage

Milio: OK I had a quick look. This bit writes the information to a flat file:

quote:

---

if($banIPMode != 2) {
$file = @fopen("comments/$commentID.comment", 'a');
fwrite($file, $thisComment);
fclose($file);
}

---

See the manul on this function:
http://www.php.net/fopen

All you need to do is chmod the file after you have written to it (as far as I can tell, unless I've missed something).

___________________
Emps

The Emperor dot org

well... I can see no reason to give any file 666, or 777 for that matter, which would be even more dangerous. 664 should be enough to allow your web server to read and write to the file, even if it belongs to your user account on the server.

From the readme...

NOTE: If, at any point, you upload/download/edit the comments directory and/or the
.comment files it contains, you MUST reset the permissions on all of these files to
777. Otherwise, the comments script will be unable to write to them.

Now it makes sense, I should never touch those files, but why? why on earth would that change my phmod settings?

Signature: My fanpage

a) 777 means world readable (ok), writeable (ugh) and executable (!!!). having it writable for everyone, and executable by anyone, is a security risk.
Therefore, your host is correct to protect itself, by preventing such.

Now, I could imagine a situation where your file needs to be world read and writeable, but not executable.
Still, for a php script, group read/write (the second number) should be enough, since it's either running as your username (and then the files belongs to you, and actually, the first number would be used), or as the apache, to who's user group you should be belonging.
now, if you host is somewhat unlucky in his setup, you might not belong to the apache group... then you'd have to set the file world read and writeable. Still it would not need to be executable.