/    Sign up×
Community /Pin to ProfileBookmark

[RESOLVED] Reading/Writing to text file with limited permissions

Copy linkTweet thisAlerts:
Jul 20.2009

Hi everyone!

I have a standard PHP script that reads and writes to a text file (so the fopen, fwrite, etc.)

However, my problem is that should you type the path of the text file into the address bar, you can see its contents. I would like to disable access to this file by limiting the permissions on the file.

I was thinking setting the permissions at 600 would allow the PHP script to read and edit the file, and at the same time, deny access to the file should anyone attempt to view it, however, I get an access denied error on the php script.

How can I solve this problem, preferably without using a chmod command? Also, if I use a chmod command, would that slow down the loading of the php script?

Thanks

to post a comment
PHP

8 Comments(s)

Copy linkTweet thisAlerts:
@DaiWelshJul 20.2009 — Either store the txt file outside the webroot (preferable)or deny access to it via the web using .htaccess file (assuming apache). File permissions are not intended for the sort of thing you are trying to do here.

HTH,

Dai
Copy linkTweet thisAlerts:
@MindzaiJul 20.2009 — Yes, storing outside DocumentRoot is the correct solution here.
Copy linkTweet thisAlerts:
@bokehJul 20.2009 — I was thinking setting the permissions at 600 would allow the PHP script to read and edit the file, and at the same time, deny access[/QUOTE]Err, no! To write to a file with 600 permissions the webserver/php would need to be the owner. And if the webserver were the owner it would not have any problem reading or serving the file.
Copy linkTweet thisAlerts:
@aommasterauthorJul 20.2009 — Hi guys!

Thank you all for your replies.

From DaiWelsh's reply:
Either store the txt file outside the webroot (preferable)[/QUOTE]
I'm a bit new to how web design works when it comes to server folders. When I FTP in, the root folder I am seeing is the public_html, correct?

How/Where would I go about storing this file? Would it be in one of the directories above this folder?

Thanks again
Copy linkTweet thisAlerts:
@aommasterauthorJul 20.2009 — Hi guys!

Alrighty, I managed to figure out what you meant by putting it into the home directory. Thanks for the help!

By the way, what would the permissions on files be correctly used for? I intended on using it the wrong way. What uses are the permissions for files/folders?
Copy linkTweet thisAlerts:
@DaiWelshJul 20.2009 — There are all sorts of sysadmin uses for permissions, but personally doing web dev on shared hosting that I don't control (in a sysadmin sense) the only time I usually worry about permissions is when I want my script to be able to create files (e.g. file upload) in which case you may need to set write permissions on the directory, depending on what user the webserver runs as.
Copy linkTweet thisAlerts:
@aommasterauthorJul 20.2009 — Okay. Thanks for the info ?
Copy linkTweet thisAlerts:
@MindzaiJul 20.2009 — Usually files are 644 (octal), directories are usually 755.
×

Success!

Help @aommaster spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 6.2,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @meenaratha,
tipped: article
amount: 1000 SATS,

tipper: @meenaratha,
tipped: article
amount: 1000 SATS,

tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,
)...