http access and php read/write permissions.... one question !!

careerbridge · Jun 14, 2006

Hi,

I need to have a file which is not at all available with http, but should be able to read/write using php.

Where i have to place this file???
What should be its permission??
What will be its php access path

The php file will be located at the public_html folder...

Sicerely,
Jim Jose

bigguy · Jun 14, 2006

Can you give us a bit more information please.

careerbridge · Jun 14, 2006

Ok,

I have a php file index.php which is located in the public_html folder. From this file I have to read/write an another file online.txt using the fopen function.

But I don't want my clents to access this file (online.txt) via http://www.mysite.com/online.txt (normally the browser will prompt to download the file when enter this path)

I think its clear now...

bigguy · Jun 14, 2006

Could you use htaccess to stop ppl from getting to "online.txt"

PSP-Heaven · Jun 14, 2006

Or you can jus chmod it so that it is writable by admin, make sure writable by admin is checked, and all the others are not checked. thats should work, if not, chmod it to 000, that should also work.

The_Magistrate · Jun 14, 2006

PSP-Heaven said:
Or you can jus chmod it so that it is writable by admin, make sure writable by admin is checked, and all the others are not checked. thats should work, if not, chmod it to 000, that should also work.

DO NOT CHMOD 000! If you do that, you will not be able to read the file. Also, PHP is not run with root privileges and will not be able to read the file either. Performing a chmod 000 will only create more problems.

Geoff is right. You should use your .htaccess file to restrict people from accessing online.txt from a web browser. If you properly restrict the file with .htaccess, you can safely chmod 755 the file.

@PSP-Heaven if you know anyone who has a server with PHP running with root privileges please tell them to correct that problem and to talk to someone who knows what they are doing. It boggles my mind as to how much of a vulnerability that is.

careerbridge · Jun 14, 2006

Yeah, that right... I already tried the chmod method and it will not work....

I need to warn PSP-Heaven, bcose once u set chmod 0, u will lose the file permanently. Only one command will work.... delete

Btw, I found good article abt using .htaccess and I think it may be usefull to someone else here...
http://www.javascriptkit.com/howto/htaccess.shtml

Thank u guys for the reply.

Mike-lane · Jun 17, 2006

umm htaccess it. I think with linux _ infront of a folder name makes it locked :lockd: so put it in a folder with _ at the beginning?

careerbridge · Jun 18, 2006

WOW... thats good!! I am gona try this !!

http access and php read/write permissions.... one question !!

careerbridge

New Member

bigguy

Retired

careerbridge

New Member

bigguy

Retired

PSP-Heaven

New Member

The_Magistrate

New Member

careerbridge

New Member

Mike-lane

Complete IDIOT

careerbridge

New Member

Free Web Hosting

Our Community

Legal