-1

My function below works, but in Linux, some files and folders are not removed, I believe it is, the server does not allow to be running in browser.

If I run the function in shh or give permission for 777 shh or ftp, files and folders are deleted normally.

But the server blocked permission change for browser.

I guess I need to run my pagina.php the shell, but how to do this in a pagina.php running on the browser?

My function:

<?php
    function deleteItem($item) {
        if (file_exists($item)) {
            if (is_dir($item)) {
                $folders = scandir($item);
                foreach ($folders as $folder) {
                    if ($folder != '.' && $folder != '..') {
                        $file = $item . "/" . $folder;
                        if (filetype($file) == "dir") {
                            deleteItem($file);      
                        } else {
                            unlink($file);
                        }   
                    }               
                }
                reset($folders);
                rmdir($item);               
            } else {            
                unlink($item);          
            }                        
        }
    }
?>
Dexxtz
  • 570
  • 5
  • 22
  • 2
    PHP doesn't run in the browser. It runs on the server. The server then sends the output to the browser. – Quentin Oct 14 '14 at 15:25
  • What happens when you try to run pagina.php from the browser? Do you get a "is not within the allowed path(s):" error or anything? – JNevill Oct 14 '14 at 15:27
  • but how do I work 100% removing all files and folders that I pass? @Quentin – Dexxtz Oct 14 '14 at 15:27
  • some files and folders that returns is not allowed, despite not having permission some are removed @JNevill – Dexxtz Oct 14 '14 at 15:29
  • Perhaps it's related to this: http://stackoverflow.com/questions/1846882/open-basedir-restriction-in-effect-file-is-not-within-the-allowed-paths – JNevill Oct 14 '14 at 15:30
  • thank you I will check the server, why all files are as root(0) @JNevill – Dexxtz Oct 14 '14 at 15:33

2 Answers2

1

Your page is running on Apache i guess ?

Anyway, the idea is to give write access on those files and directories to your web server serving your page to the browser.

Since he runs PHP to serve your page, the unlink() commands are ran in its name, not yours. the best practice here is to give full privileges to your webserver on the files he's serving/manilulating inside the public directories (accessible under www root), in clear, he must own the directories to delete, and they should be inside www root.

Notice : it can be dangerous to give write privileges to your webserver outsite www directory.

Wissem Garouachi
  • 51
  • 5
  • I understand that is prerigoso give permission, but via php / browser can not give permission, the server will not let – Dexxtz Oct 14 '14 at 15:34
  • permission must be recursive, and that my code will have to run on any server, can not go manually give permission – Dexxtz Oct 14 '14 at 15:37
  • Of course it will not let you do such a thing ! it's up to you (on the server side using SSH typically) to make sure that your webserver has write access to those files before running your web page – Wissem Garouachi Oct 14 '14 at 15:37
  • what i can suggest is to manage your business logic in a way that let you place those files to delete into a directory under your www root (which must be owned by your webserver) and make sure the person/program that puts them there, gives the webserver their ownership (via chmod/chown) – Wissem Garouachi Oct 14 '14 at 15:43
0

The solution was to alert the User to change the permissions of that was not possible to remove, and rotate and refresh the page.

Dexxtz
  • 570
  • 5
  • 22