[SOLVED] get php to write files to www-data owned directory

NevemTeve · 08-01-2017, 12:35 PM

It would be something like this:

Code:

    $dh=opendir($src);
    while ($imgFile=readdir($dh)) {
	if ($imgFile == "." || $imgFile == "..") continue;
	$imgPath= $src.'/'.$imgFile;	
        if (! is_file ($imgPath)) continue;

	$destPath= "/home/rick/DB-Web/PhotoTransFiles/$dest\n";	
	copy ($imgPath, $destPath);
    }
    closedir($dh);

sundialsvcs · 08-02-2017, 08:04 AM

I'm never too thrilled with the idea of web-pages writing anything into anyone's home-directory. I suggest that you should designate one single directory – e.g. a root-level directory, possibly then subdivided – as being "the (only) place that web-page code can write to." If you need to move the file somewhere else, feel free, but "that's the one-and-only place to go looking for it."

This also simplifies permissions and helps avoid accidental compromise of "home directories." (The more elaborate you make things, the more likely it is that you'll screw something up and not realize it.

) This clearly-distinct strategy also further ensures that "relative pathnames" won't bring surprises. (Use tools like AppArmor to ensure that Apache can't get out-of-bounds.)

"A place for everything, and everything in its place."

pizzipie · 08-08-2017, 02:28 PM

Thank you all very much for trying to help me with this.

I can't get it to work my way so will go back to where I started which was a completely command line implementation of the program run in PHP. I just wanted the eye candy appeal of the browser but didn't realize the security risks etc. that you all pointed out.

Thanks again for all your time,

R

astrogeek · 08-09-2017, 01:27 AM

You are welcome, and sorry that didn't work out as you wanted.

I hope that you learned the reasons why using Apache as a system level application is sometimes problematic, which will help you with future uses.

As I have looked over this thread once more, it occurred to me that PHP really is a good general purpose scripting language, and that the problems that you experienced result mainly from the way Apache is designed to work. But as you have some familiarity with PHP it may be possible for you to use your PHP code with one of the GUI binding libraries available which would eliminate the Apache complications.

Two come to mind, wxPhp and PHP-Gtk, but there are others. You might give those a look and see if they would allow you to build a GUI front using PHP, but with the eye-candy you desire.

Thanks for returning and marking this thread solved and good luck!