| 4:23 pm on Apr 14, 2003 (gmt 0)|
I am not sure how you would do it in PHP but in Perl I simply put the files one level above web root and open the file - read the values into variables - use variables in the connection or whatever.
There are probably clever ways to do it - but this works for me.
| 4:31 pm on Apr 14, 2003 (gmt 0)|
So, in my case (referring to the blurb in my initial post), you'd place the files in /var/www?
I've tried to create a directory there, but I don't have the necessary permissions. It appears the web host has restricted abilities to create anything to my /home structure and anything under the html, cgi-bin and perl directories in /var/www (sensible probably :-).
| 4:43 pm on Apr 14, 2003 (gmt 0)|
Perhaps I'm not understanding something but wouldn't this work?
Consider the new dir location from the point of view of the web directory. I.E. if the new dir is on the same level as www then referring to it is as simple as ../newdir/filename.ext? This is how I work with a similar structure on a few of my websites.
If you're looking for an absolute path then you'll need to work with the symbolic link structure. Create the directory and then figure out the equivalent symbolic link and use that.
| 4:45 pm on Apr 14, 2003 (gmt 0)|
Ah.. just read your latest post.
So you're not allowed to create anything outside of the webroot correct?
| 5:01 pm on Apr 14, 2003 (gmt 0)|
Yes, as far as I can tell, I can only create in web root (and down, of course) and under the /home structure.
Effectively this means that the files must reside somewhere under /home, but how can I refer to that from the web root structure (or can I even do that)?
The symbolic links are under root ownership, but everyting else is mine...
| 5:11 pm on Apr 14, 2003 (gmt 0)|
First let's agree on terminology. When I refer to webroot I mean the equivalent of www.yourdomain.com. If this is also equal to /home/www/ and you can get to and create a dir under /home/ then you're golden. If you can't then you're stuck.
| 5:20 pm on Apr 14, 2003 (gmt 0)|
Yes, I'm familiar with the terminology ;-) It's just the actual doing that lets me down :-)
The web root is actually /var/www/html.
My home directory is /home.
There are 3 symbolic links in my home directory to /var/www/html, /var/www/cgi-bin and /var/www/perl.
I can create anything under /home and within any of the 3 symbolically linked directories above, but nothing anywhere else.
I appreciate your help (and patience) - as you may have guessed, I'm quite new to web building (but I'm an adequate C++ programmer :-).
| 5:46 pm on Apr 14, 2003 (gmt 0)|
Hmm.. so you can't create /var/www/users/ for example?
| 6:07 pm on Apr 14, 2003 (gmt 0)|
No - I've just tried to vi and save a standard text file under /var/www, but it says it can't open the file for writing when I try to save (the file isn't created). I've also tried to create a directory as well, but get the 'Permission denied' message.
I am the admin of the site, so I guess the host must have it locked down?
I've just looked at the permissions of the www directory and it's owned by root...
| 6:14 pm on Apr 14, 2003 (gmt 0)|
Firstly, Welcome to WebmasterWorld [webmasterworld.com]!
Have you got command line access to the server, either Telnet or SSH?
and if so, can you not do a 'chown' on the folder to your user.
Have you also tried putting
into a text file and seeing _exactly_ the location of your files?
[edited by: wruk999 at 6:15 pm (utc) on April 14, 2003]
| 6:15 pm on Apr 14, 2003 (gmt 0)|
What are you using to create the directory with? Have you tried using an FTP program or are you using SSH?
| 6:35 pm on Apr 14, 2003 (gmt 0)|
I'm using SSH. I'll try the chown in a minute or two - eating :-)
| 6:54 pm on Apr 14, 2003 (gmt 0)|
Eating is highly overated. ;) Let us know what you find out.
| 7:10 pm on Apr 14, 2003 (gmt 0)|
>> highly overrated, but unfortunately necessary for life! :( lol
If you are using SSH then you will most likely be logging in as root? hence you will be creating dir's and they will be owned by root.
| 7:18 pm on Apr 14, 2003 (gmt 0)|
Eating was over-rated (but don't tell the wife ;-)
I've logged in and tried to chown 'www', but I'm not permitted.
If I do 'id -un' it tells me that I'm logged in as 'blackcat' (my user name).
I think a mail to my host may be in order...
| 7:24 pm on Apr 14, 2003 (gmt 0)|
I assume then that you cannot create the directory using a standard FTP client either. So, you should contact the host and see if you're missing something. You could create a dir within the webspace and use .htaccess to control permissions but it is riskier.
| 7:37 pm on Apr 14, 2003 (gmt 0)|
Yes, I know about the .htaccess, but I wanted the PHP approach. I'll contact the host and see what they say.
Thanks guys :-)
| 7:50 pm on Apr 14, 2003 (gmt 0)|
I think lorax meant that you could control access to the file directory...not as an actual user control system.
You could protect the text files by only allowing the server to access the directory with the files in.
| 7:55 pm on Apr 14, 2003 (gmt 0)|
>> I think lorax meant that you could control access to the file directory...not as an actual user control system.
That's correct. :)
| 7:55 pm on Apr 14, 2003 (gmt 0)|
I've fired off a query to the host about the way the server is set up (politely, of course).
Ah, I see what you mean about the directory access using .htaccess - I'll read it properly next time ;-)
I'll see what the host replies with, it may well come to that yet...
I've read about allowing only server access Wruk999, but I've no idea how to go about it :-/
| 8:03 pm on Apr 14, 2003 (gmt 0)|
I have only ever used .htaccess for basic user-authentication, and for php user systems I use MySQL.
Maybe it is something along the lines of restricting all access except from your servers IP.
Or the service name of your web server: wwwrun.nobody (as an exmaple)
Lorax, can you advise on this?
| 8:25 pm on Apr 14, 2003 (gmt 0)|
In your .htaccess file use:
|AuthName "Some Name" |
This will not allow anyone to access the dir using HTTP(s) since there is no uname/pwd access file for it to use but it should allow your script to request a file within the dir.
It should be noted that this is not guaranteed secure. But it's better than nothing.
| 8:34 pm on Apr 14, 2003 (gmt 0)|
Thanks guys - I'll try that :-)
| 7:47 pm on Apr 15, 2003 (gmt 0)|
I just want to say a big thank you guys :-)
lorax, the .htaccess example prevented www access to the files, but unfortunately also prevented browser access. I would have perservered, but then I tried wruk999's suggestion of the phpinfo() page...
I created the page, accessed it, downloaded it and then deleted it from the server. It revealed the internal /root path for me and it works a treat :-)
I couldn't have guessed it in a month of Sundays though!
Anyway, thanks for the perserverence guys, it's all working now :-)
| 7:52 pm on Apr 15, 2003 (gmt 0)|
No probs - I'm glad lorax stopped by to hint about the htaccess.
Glad that you got it all sorted out in the end! :)
| 7:58 pm on Apr 15, 2003 (gmt 0)|
>> lorax, the .htaccess example prevented www access to the files, but unfortunately also prevented browser access.
That's correct. That's what it was designed to do. BUT your script should have been able to access anyfiles within that directory. Hopefully you didn't place the .htaccess file in the webroot as it is designed to be placed within a directory that only contains the files you want a script to access.
As long as you have a working solution - that's what matters.