Uploading files using PHP script showing 600 permissions


Wrong Permissions While Uploading via PHP Script



                             I had an issue in one of my webserver in which, when uploading files using any PHP script, it is showing permissions other that default.
By default, files have 644 and directories have 755 permissions.
Here in my case it is showing 600 permission when uploading. When i checked the uploading permissions using ftp client like filezilla, there is no issues in it. The permissions are correct when uploading via FTP client.

There are options in FTP server to set upload permissions. You can set UMASK in those FTP servers if there are issues in FTP client too.

But here in this case it is something related with the PHP settings. There are options to force the permissions in the PHP upload script it self.

It is a suphp server. There are options to set the permissions in suphp server.

You can check the UMASK value using the following command.

[root@webserver ~]# cat /etc/suphp.conf | grep -i umask
umask=0077

I have found that umask set in my server is 0077. which will force permission to 600. I have changed the value to 0022 to fix the PHP upload permission issue.

[root@webserver ~]# cat /etc/suphp.conf | grep -i umask
;umask=0077
umask=0022

Also restart httpd to make it effect in the server.

[root@webserver ~]# /etc/init.d/httpd restart

===============================================================================

Note:-

Here is a sample PHP upload script to check the above issue.

This script will allow you to upload files from your browser to your hosting, using PHP. The first thing we need to do is create an HTML form that allows people to choose the file they want to upload.

create a file named testupload.php with the following HTML code in it.



Please choose a file:




This form sends data to the file "upload.php", which is what we will be creating next to actually upload the file.
Create a upload.php in the same document root in whcih testupload.php contains with the following php script.
<?php
 $target = "upload/"; 
 $target = $target . basename( $_FILES['uploaded']['name']) ; 
 $ok=1; 
 if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) 
 {
 echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded";
 } 
 else {
 echo "Sorry, there was a problem uploading your file.";
 }
?>



You have to create a directory named upload in the same location.
# mkdir upload

Test the upload and verify the result.
http://domain.com/testupload.php


That's it...

This entry was posted by Arun Ghosh. Bookmark the permalink.