How do I give PHP write access to a directory?

75
votes

I'm trying to use PHP to create a file, but it isn't working. I am assuming this is because it doesn't have write access (it's always been the problem before). I tried to test if this was the problem by making the folder chmod 0777, but that just ended up making every script in that directory return a 500 error message until I changed it back. How do I give PHP write access to my file system so it can a create a file?

Edit: It is hosted on Hostgator shared hosting using Apache.

Edit 2: Someone asked for the code: The code is a GD image script. I know the rest of it works as previously I was creating the image every ime it was called. Now I am trying to create them when new text is added and save them to a folder. The write line I have is: imagejpeg(null,$file,85);

I also created a test file to check if it was just a broken script (mainly copied from tizag): http://gearboxshow.info/rkr/lesig.jpg/testfile.txt (I don't know if/how to post the code here properly. Here is the contents of the PHP script, minus PHP tags.)

It returns 13,13,1 (separate lines), so it looks as if it thinks it wrote something, but the testfile.txt is blank (I uploaded a blank one), or non-existent (if I delete it).

Edit 3: The server runs CentOS.

12
phpfile-permissionschmod
Is this a server you control or are you on a shared server?webbiedave
Hostgator shared hosting. Apache.Leagsaidh Gordon
What OS is the server running on? If it's Linux, you should make sure that the apache user (the exact user name will depend on your setup - often httpd or www-data under Linux) has write access to the directory. You can change the owner to the same user as apache (using chown) and set give the owner write access (e.g. "chmod 755") or you can make it world writable (e.g. "chmod 777").El Yobo
@El Yobo: Don't make it 777 ... let's be sensible about chmod please.Jan K.

12 Answers

63
votes

An easy way is to let PHP create the directory itself in the first place.

<?php
 $dir = 'myDir';

 // create new directory with 744 permissions if it does not exist yet
 // owner will be the user/group the PHP script is run under
 if ( !file_exists($dir) ) {
     mkdir ($dir, 0744);
 }

 file_put_contents ($dir.'/test.txt', 'Hello File');

This saves you the hassle with permissions.

35
votes

Set the owner of the directory to the user running apache. Often nobody on linux

chown nobody:nobody <dirname>

This way your folder will not be world writable, but still writable for apache :)

27
votes

Simple 3-Step Solution

Abstract: You need to set the owner of the directory to the user that PHP uses (web server user).

Step 1: Determine PHP User

Create a PHP file containing the following:

<?php echo `whoami`; ?>

Upload it to your web server. The output should be similar to the following:

www-data

Therefore, the PHP user is www-data.

Step 2: Determine Owner of Directory

Next, check the details of the web directory via the command line:

ls -dl /var/www/example.com/public_html/example-folder

The result should be similar to the following:

drwxrwxr-x 2 exampleuser1 exampleuser2 4096 Mar 29 16:34 example-folder

Therefore, the owner of the directory is exampleuser1.

Step 3: Change Directory Owner to PHP User

Afterwards, change the owner of the web directory to the PHP user:

sudo chown -R www-data /var/www/example.com/public_html/example-folder

Verify that the owner of the web directory has been changed:

ls -dl /var/www/example.com/public_html/example-folder

The result should be similar to the following:

drwxrwxr-x 2 www-data exampleuser2 4096 Mar 29 16:34 example-folder

Therefore, the owner of example-folder has successfully been changed to the PHP user: www-data.

Done! PHP should now be able to write to the directory.

10
votes

1st Figure out which user is owning httpd process using the following command

ps aux | grep httpd

you will get a several line response like this:

phpuser   17121  0.0  0.2 414060  7928 ?        SN   03:49   0:00 /usr/sbin/httpd

Here 1st column shows the user name. So now you know the user who is trying to write files, which is in this case phpuser You can now go ahead and set the permission for directory where your php script is trying to write something:

sudo chown phpuser:phpuser PhpCanWriteHere
sudo chmod 755 PhpCanWriteHere
4
votes

You can change the permissions of a folder with PHP's chmod(). More information on how to use the command is here: http://php.net/manual/en/function.chmod.php

If you get a 500 Error when setting the permissions to 777 (world writable), then it means your server is setup to prevent executing such files. This is done for security reasons. In that case, you will want to use 755 as the highest permissions on a file.

If there is an error_log file that is generated in the folder where you are executing the PHP document, you will want to view the last few entries. This will give you an idea where the script is failing.

For help with PHP file manipulation, I use http://www.tizag.com/phpT/filewrite.php as a resource.

3
votes

I found out that with HostGator you have to set files to CMOD 644 and Folders to 755. Since I did this based on their tech support it works with HostGator

3
votes

I had the same problem:

As I was reluctant to give 0777 to my php directory, I create a tmp directory with rights 0777, where I create the files I need to write to.

My php directory continue to be protected. If somebody hackes the tmp directory, the site continue to work as usual.

3
votes

You can set selinux to permissive in order to analyze.

    # setenforce 0

Selinux will log but permit acesses. So you can check the /var/log/audit/audit.log for details. Maybe you will need change selinux context. Fot this, you will use chcon command. If you need, show us your audit.log to more detailed answer.

Don't forget to enable selinux after you solved the problem. It better keep selinux enforced. 

    # setenforce 1
3
votes

Best way in giving write access to a directory..

$dst = "path/to/directory";
mkdir($dst); 
chown($dst, "ownername");
chgrp($dst, "groupname");
exec ("find ".$dst." -type d -exec chmod 0777 {} +");
2
votes

chmod does not allow you to set ownership of a file. To set the ownership of the file you must use the chown command.

2
votes

I'm running Ubuntu, and as said above nobody:nobody does not work on Ubuntu. You get the error:

chown: invalid group: 'nobody:nobody'

Instead you should use the 'nogroup', like:

chown nobody:nogroup <dirname>
0
votes

Tiny little hint!

echo whoami;

make sure you use BACK QUOTES NOT single quotes ' ' !

(of course now the back quotes don't show up in this editor! oh well, I tried!)