ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I keep getting the subject message while trying to open a file. I have changed all the permissions to 777 on the directory which will contain the new file . Don't know where to go from here to fix this.
Code:
<?php
error_reporting (E_ALL ^ E_NOTICE);
include("../myPhpFunctions.inc");
if(isset($_POST['submit_row'])) {
$host="localhost";
$username="rick";
$password="";
$databasename="optumRx.db";
$id=$_POST['Id'];
$acctfor=$_POST['AcctFor'];
$invdate=$_POST['InvDate'];
$orderno=$_POST['OrderNo'];
$drugno=$_POST['DrugNo'];
$description=$_POST['Description'];
$cost=$_POST['Cost'];
$refills=$_POST['ReFills'];
$inputFile= fopen("optumRxInputFile.sql", "a+") or die("Unable to open file!");
for($i=0;$i<count($invdate);$i++) {
if($acctfor[$i]='Enter AcctFor') $acctfor[$i]='p'; // default value
if($refills[$i]="Enter ReFills") $refills[$i]=0; // default value
$str = "insert into rxdata values('".$acctfor[$i]."','".$invdate[$i]."','".$orderno[$i]
."','".$drugno[$i]."','".$description[$i]."',".$cost[$i].",".$refills[$i].")";
echo $str."</br>";
fwrite($inputFile, $str);
} // for
fclose($inputFile);
} // isset
?>
I created a test file that works ! It appears that this happens only when you try to run 'action' program on the <form>.
Code:
<?php
error_reporting (E_ALL ^ E_NOTICE);
include("../myPhpFunctions.inc");
$inputFile= fopen("optumRxInputFile.sql", "a+") or die("Unable to open file!");
$str = "insert into rxdata values()";
echo $str."\n";
fwrite($inputFile, $str);
fclose($inputFile);
?>
There is no path on the filename so it will try to append or create it in the current directory of the running process. This is probably not what you want. If your root is "/var/www" then create a directory "/var/www/tmp" with write permission to the apache user and open tthe file "/tmp/optumRxInputFile.sql"
What smallpond said.
Your code will try to create a file in /var/www/html/DB-sql -- all files are relative to the defined DocumentRoot in the VirtualHost container. Where do you want the file to go? Set the path in your script.
In order for a web application to create a file, the web user (www-data?) must have write access to the file* I usually do that by creating a sub-directory owned by the web user with 755 permissions and putting the path on the file name in the code. I then suppress DirectoryIndex on that directory and don't put an index.html there so that it can't be accessed with a browser.
*Putting 777 permissions on any directory, let alone a web accessable one, is a really bad idea! As you've seen, it didn't solve your problem (because you didn't do it on the directory your code was writing to). If all you're going to use DB-sql for, chown it to the web user and set the perms to 755, then add the path to the filename.
rick@rick-Latitude-E6510:~/DB-sql/PHP-Forms2$ ll
total 192
-rwxrwxrwx 1 rick rick 2364 Feb 15 11:32 optumRxForm.html~*
-rwxrwxrwx 1 rick rick 1675 Feb 17 11:00 test.php*
Your user and group are rick, the web server has no permissions in that path.
One way to deal with that would be to add rick to the web server group and make the owner:group of that path rick:www-data (example is www-data, may be apache or something else, check your system).
Also note that even though you have very inadvisedly set the permissions to 777 on that path, the file optumRxInputFile.sql does not exist. If you create the empty file then the web server should be able to write to it even now.
And please, NEVER, EVER revert to setting 777 permissions, even if you are the only user on that machine - it is among the worst of the bad habits you can form working with a web server - unlearn it now and do things right!
One way to deal with that would be to add rick to the web server group and make the owner:group of that path rick:www-data (example is www-data, may be apache or something else, check your system).
Since I almost never deal with users and groups how do I do this???
For your existing user, assuming you do not want everything in their home directory to belong to the web server group...
Code:
usermod -a -G web-group login-name
chown -R login-name:web-group /path/to/vhost/directory
On the other hand, if you want the default group for the user to be the web-group so that everything now and future in their home directory will belong to the web-group by default...
Code:
usermod -g web-group login-name
That will set the web-group as the default for that user and every file in their home directory will belong to the web-group.
In the above examples web-group will be the name of the group the web server runs under on your system, and login-name will be the user name, rick in your examples.
Assuming that "rick" has things in his home directory which he does not want to be accessible by the web server, I would suggest creating a new user just for the purpose of owning the vhost path, and make that user's default group be the web-group. Then, when you want to work on the web code, log in as that user and keep the web server out of your own home directory.
I'll give this a try.
I find all this very puzzling in that it is only fopen() that seems to behave this way I have many other scripts that behave 'normally'.
I'll give this a try.
I find all this very puzzling in that it is only fopen() that seems to behave this way I have many other scripts that behave 'normally'.
R
Well, it is only fopen() because only fopen() is trying to open the file for writing which bumps into the permissions barrier, as it should.
Normally, those permission barriers are the core of the idea of separation of privileges, not allowing a single user to access or do absolutely anything on the system, which is the reason Unix/Linux is fundamentally more secure than others in many ways.
"Normally" is when you understand how and why those permissions work a certain way and use that for your advantage instead of fighting against them.
I have another Virtual Host mydb.com (DB-Web). I copied the scripts from mysqlite.com(DB-sql) which is the problem child to a directory in DB-Web and the scripts run fine. The only difference that I can find in all the directories and files is in the permissions of directories DB-Web and DB-sql.
Quote:
drwxrwxrwx 10 rick rick 4096 Feb 18 09:51 DB-sql/
drwxr-sr-x 36 rick rick 4096 Feb 17 10:15 DB-Web/
I changed the permissions of dir DB-sql to drwxr-sr-x 10 rick rick 4096 Feb 18 09:51 DB-sql. Unfortunately this didn't work either.
RepeatIng what I said in #7:
In order for a web application to create a file, the web user (www-data?) must have write access to the file* I usually do that by creating a sub-directory owned by the web user with 755 permissions and putting the path on the file name in the code. I then suppress DirectoryIndex on that directory and don't put an index.html there so that it can't be accessed with a browser.
There’s nothing wrong with what astrogeek is suggesting. My suggestion is another way that I’ve used successfully for a long time.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.