tags:

views:

80

answers:

2
Q: 

Move a file and rename it.

Figured PHP's rename would be my best bet. I didn't see many examples on how to use relative URLs in it though, so I kind of compromised. Either way, this give me permission denied:

I want to do this:

$file = "../data.csv";
rename("$file", "../history/newname.csv");

Where ../ of course would go back 1 directory from where the script is being ran. I couldn't figure out a way...so I did this instead:

$file = "data.csv";
$path = dirname(realpath("../".$file));
rename("$path/$file", "$path/history/newname.csv");

However I am getting permission denied (yes the history folder is owned by www-data, and yes data.csv is owned by www-data). I thought it was weird so I tried a simple test:

rename( 'tempfile.txt', 'tempfile2.txt' );

and I made sure www-data had full control over tempfile.txt...still got permission denied. Why? does the file your renaming it to have to exist? can you not rename like linux's mv? So I instead just copy() and unlink()?

A: 

Not only ownership plays a role, but also file permissions. Make sure that the permissions are set up correctly on the source file and destination directory (e.g. chmod 644 data.csv).

Is www-data the same user as Apache?

Edit: Take care to provide existing, absolute paths to realpath(). Also beware of the following:

$path = dirname(realpath("../".$file));

This might yield nothing, because the file ../data.csv might not exist. I.e., the result of realpath() on a non-existent file is false.

Here's some code that might work better for you:

$file = "data.csv";
$path1 = realpath($file);
$path2 = realpath(dirname($file).'/..').'/history/newname.csv';
rename($path1, $path2);

You should be extremely careful that $file cannot be edited by the visitor, because he could change a request manipulate which file is renamed to where.

Paul Lammertsma  2010-07-25 23:56:12
Actually `644` would be better, since a CSV file shouldn't be executable.
David Zaslavsky  2010-07-25 23:57:18
yes the chmod is 644, I even tried 777 to get it to work. Nothing is working. and apache is www-data, I know this because I move other stuff around and needed it to be www-data, plus I checked top.
BHare  2010-07-26 00:00:19
The full path to data.csv would be /var/imvu/products/ht/clients/test/data.csv where /var/ is owned by root, imvu through test is owned by wwwftp (an ftp i made so I dont ftp into root). Also like I said, the dir where its going (history) is owned by www-data.
BHare  2010-07-26 00:02:12
Could it be that the file is in use? Can you rename it as administrator?
Paul Lammertsma  2010-07-26 00:02:54
It could of been that, but the test file i made, tempfile.txt was just created by me in root (never opened by anything) , in which i then chmod to 777 and then chowned to www-data...still wont rename.
BHare  2010-07-26 00:04:45
Is there any security features that could be turned on by default or by accident?
BHare  2010-07-26 00:10:37
Please review my edit.
Paul Lammertsma  2010-07-26 00:16:10
+2  A: 

In order to move a file from "../" to "../history/", a process needs write permission to both "../" and "../history/".

In your example, you're obviously lacking write permission to "../". Permissions for the file being moved are not relevant, by the way.

Marc Donges  2010-07-26 00:22:20

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases