2

I have installed apache server on a linux fedora machine and I put the following test.php and test.html on var/www/html but when I open the 127.0.0.1/test.html on firefox the test.php doesn't create the text.txt file, let alone write the string to the file and the there is also no output for "echo $var"

the error is 

Warning: file_put_contents(test.txt): failed to open stream: Permission denied in /var/www/html/getdata.php on line 7

the permission for the directory is:

drwxr-xr-x. 2 root root 4096 Nov  6 14:14 html

test.php:

<?php
$v="x";
$fname='test.txt';
$rv=file_put_contents($fname,$v);
echo $rv;
echo $v;
?>

the test.html is so complex coz I planned to write something complex to a file on the server, but since there is some problem, I simplified the test.php

test.html:

<!DOCTYPE html>
<html>
<body>

<form id="yourFormID" method="POST" action="/getdata.php" ></form>

<script>
  function sendArray( theArray )
  {
    var frm = document.getElementById('yourFormID');
    fld = document.createElement("INPUT");
    fld.name ="data"; 
    fld.type = "hidden";
    fld.value = JSON.stringify(theArray);
    frm.appendChild(fld);  
    frm.submit();
   }

   var yourArray = [0.000023323,0.00001292,0.00003323];

    sendArray( yourArray );

    </script>
    </body>
    </html>
user1769686
  • 505
  • 2
  • 10
  • 16
  • 1
    Enable error reporting at the beginning of your test.php file to see what went wrong: `error_reporting(E_ALL ^ E_NOTICE); ini_set('display_errors', 1); ini_set('display_startup_errors', 1);` – mav Nov 06 '12 at 13:14
  • it is the permission problem, I'm at a loss on how to deal with it – user1769686 Nov 06 '12 at 13:19
  • possible duplicate of [PHP fopen() Error: failed to open stream: Permission denied](http://stackoverflow.com/questions/7665093/php-fopen-error-failed-to-open-stream-permission-denied) – GordonM Nov 06 '12 at 13:22

2 Answers2

2

This is a permission problem with Linux. Try:

chmod 777 path/to/test.txt

at the command line.

EDIT: Here is a great article on Linux file permissions. http://www.tuxfiles.org/linuxhelp/filepermissions.html

EDIT 2: I might add, setting the appropriate permissions for a file is the only way PHP can manipulate said file with file_put_contents, fwrite, etc.

honyovk
  • 2,717
  • 18
  • 26
  • just wondering if this is the case, then the server could be vulnerable? – user1769686 Nov 06 '12 at 13:24
  • 3
    No, the last 7 in the 777 is for `other`. This means any user within the server (local) can edit the specific file you grant such permissions to. – honyovk Nov 06 '12 at 13:31
2

The html directory is currently owned by root, but under Fedora the web server runs as the "apache" user. (see "Apache File Security" section of https://fedoraproject.org/wiki/Administration_Guide_Draft/Apache?rd=Docs/Drafts/AGBeta/Apache )

So, as root, do:

 chown -R apache:apache /var/www/html/
 chmod -R 770 /var/www/html

The first makes the web server own the directory. The second makes sure that only users in the "apache" group can read/write files. It also says that no other users on the machine can even read them.

If you ever need another user to be able to write files into your web tree, add them to the "apache" group.

Darren Cook
  • 27,837
  • 13
  • 117
  • 217
  • This is a good solution, however opening an entire web directory to the `apache` group & user is not a good practice from a high-security standpoint. – honyovk Nov 06 '12 at 14:13
  • @MBJ Yes, if there are files/sub-directories which you keep under your /var/www/html directory tree but that you don't want to be servable by Apache, then change their ownership to myuser:myuser and permission to 700. If you have files/sub-directories you want to be read-only for Apache/PHP scripts, but writeable by another user, then change ownership to myuser:apache, and change permission to 750. (But both those are fairly unusual use-cases, and deserve their own StackOverflow question :-) – Darren Cook Nov 06 '12 at 23:47