
Thread: A secure way to handle file uploads

  1. #1
    Junior Member
    Join Date
    Feb 2008
    Location
    Southern CA, USA
    Posts
    6

    A secure way to handle file uploads

    I'm wondering if there's a way to upload files with an HTML form without having to make the directory I'm uploading to writable (777, 757, etc). I've read the file uploading tutorial/article at PHP, and I tried chmoding the directory to 777 using chmod() through the script. And when that didn't work, I tried using the method with ftp_site() used by the latest note (by zual__ at gogo dot mn on the chmod() article). That didn't work either, and I heard at another message that I needed to set group to Apache (which is why I posted my other thread). That didn't work either, so now I'm wondering if I'm doing something wrong. Here's my code:

    using chmod()
    PHP Code:
    chmod($upload_dir, 0777);
    using ftp_site()
    PHP Code:
    $connection = ftp_connect($ftp_server);
    $uploaded_filename = basename($_FILES['userfile']['name']);
    $uploaded_file = $upload_dir . '/' . $uploaded_filename;
    if (!$connection)
        die('Unable to connect...');
    if (!ftp_login($connection, $ftp_user, $ftp_pass))
        die('Unable to login...');
    if (!ftp_site($connection, 'CHMOD 0777, ' . $upload_dir))
        die('Unable to CHMOD');
    using chgrp()
    PHP Code:
    chgrp($upload_dir, 'httpd');
    I remember reading somewhere that the FTP root is different from the regular root path (like if your root path is /home/username/public_html, your FTP root path would be /public_html or something like that, I'm not sure what it would be like for shared hosting accounts here, which is what I have).

    So, is there something I'm doing wrong or am I missing something? Is this some sort of server-related thing? Thanks!

  2. #2
    Happy Steadfast Client
    Join Date
    Jan 2006
    Location
    Miami, Fl
    Posts
    125

    Well, none of the chgrp or chmod is going to work in the script if you don't have access. You will need to log in on an FTP client and set it to 777 that way.
    [ JUSTIN ]
    [ justechnology llc ]
    [ WEB DESIGN / DEVELOPMENT, TECHNICAL CONSULTING, & BUSINESS WEB HOSTING
    ]
    [ when will apple? ]
    [ GUESS THE RELEASE DATE AND GET THE SCOOP ON APPLE'S NEW PRODUCTS
    ]

  3. #3
    Junior Member
    Join Date
    Feb 2008
    Location
    Southern CA, USA
    Posts
    6

    Hmm...I see. Okay. Thanks for the reply then.

  4. #4
    Junior Member
    Join Date
    Mar 2008
    Posts
    10

    In order to chgrp I believe you'd need permissions to do just that. Since your scripts are running as username/username I take it you're a regular user contained within your own group.

    I don't think you can even change your own owner/group either, which makes sense because then you could make it something you can't access.

    That leaves us with chmod, which should work on your own owner/group files. But I'm not sure it requires execute permissions... aren't all PHP files considered executables by the Apache/LiteSpeed server with the way it's set up?

    I'd have to do testing on this. Your code looks good, though I admit I have no experience with ftp_connect.

    The initial proposition of this seems a bit silly to me:
    "I'm wondering if there's a way to upload files with an HTML form without having to make the directory I'm uploading to writable."

    I interpreted it as meaning you'd like to have it as a non-writable directory for all other intents but uploading, which in that case you should be able to do... using chmod by making it writable just for that upload.
    Last edited by Jack Matier; 03-23-2008 at 04:01 AM.

  5. #5
    Happy Steadfast Client
    Join Date
    Jan 2006
    Location
    Miami, Fl
    Posts
    125

    Most setups run as the web user, like apache. So you have 2 options: make it so that anyone can read it, or make it so that group can read it and change the group on the files you need to access to the web user.

    I think there is suPHP which can run as a particular user, but not sure if steadfast uses that. There was also this really cool apache module that would run each thread as the actual user, but it was never finished and no one is working on it which kind of sucks.
    [ JUSTIN ]
    [ justechnology llc ]
    [ WEB DESIGN / DEVELOPMENT, TECHNICAL CONSULTING, & BUSINESS WEB HOSTING
    ]
    [ when will apple? ]
    [ GUESS THE RELEASE DATE AND GET THE SCOOP ON APPLE'S NEW PRODUCTS
    ]

  6. #6
    I love LAMP.
    Join Date
    Jul 2004
    Location
    Chicago, Illinois, United States
    Posts
    201

    Our LiteSpeed server uses SuExec PHP, but the older ones do not.
    Kevin Stange
    Chief Technology Officer
    Steadfast Networks
    http://steadfast.net
    kevin@steadfast.net

  7. #7
    Junior Member
    Join Date
    Feb 2008
    Location
    Southern CA, USA
    Posts
    6

    Quote Originally Posted by Jack Matier View Post
    The initial proposition of this seems a bit silly to me:
    "I'm wondering if there's a way to upload files with an HTML form without having to make the directory I'm uploading to writable."

    I interpreted it as meaning you'd like to have it as a non-writable directory for all other intents but uploading, which in that case you should be able to do... using chmod by making it writable just for that upload.
    You mean chmoding the directory to 777, upload the file and chmod the directory back to 755? It doesn't seem to work through the script.

    Quote Originally Posted by Justec View Post
    Most setups run as the web user, like apache. So you have 2 options: make it so that anyone can read it, or make it so that group can read it and change the group on the files you need to access to the web user.
    Ahh, I would do the second one if I could change the group..

    Actually, now I can see the PHP errors I get (ever since I got my site to use PHP 5), so here's the error I get whenever I run this script:

    Code:
    Warning: ftp_chmod(): ./upload: No such file or directory in [script filename] on line [line number] Unable to CHMOD
    Oh yeah, and the reason why I want to do it through the script, rather than chmoding it manually, is that it's for this guy's web site. He wants to be able to upload files through an HTML form without using an FTP client. I would be happy to just leave it as 777, if it weren't unsafe.
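
Added example, not code from any poster in this thread: the question running through the replies is which user PHP executes as, because that decides whether the upload directory needs 777 at all. The sketch below reports the least-permissive directory mode for the current PHP user and stores an upload under a generated name; it assumes a POSIX host with PHP's posix extension, reuses the `userfile` field and `$upload_dir` from post #1, and the extension allow-list is a placeholder.

```php
<?php
// Added example (not from the thread). Assumes a POSIX host with ext-posix.

/**
 * Least-permissive mode that lets the current PHP process write to $dir,
 * or null when only a world-writable mode (0777) would work.
 */
function minimal_upload_mode(string $dir): ?int
{
    $st = stat($dir);
    if ($st === false) {
        throw new RuntimeException("cannot stat $dir");
    }
    $uid    = posix_geteuid();     // user PHP actually runs as
    $gids   = posix_getgroups();   // that user's supplementary groups
    $gids[] = posix_getegid();

    if ($st['uid'] === $uid) {
        return 0755;               // PHP runs as the account owner: owner write suffices
    }
    if (in_array($st['gid'], $gids, true)) {
        return 0775;               // PHP user shares the directory's group
    }
    return null;                   // PHP user is "other": host must change owner/group
}

/** Move one entry of $_FILES into $dir under a server-generated name. */
function store_upload(array $file, string $dir): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed or is not an HTTP upload');
    }
    // Do not reuse the client-supplied name; keep only an allow-listed extension.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ['jpg', 'png', 'pdf'], true)) {   // assumed allow-list
        throw new RuntimeException('file type not allowed');
    }
    $dest = rtrim($dir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('directory is not writable by the PHP user');
    }
    chmod($dest, 0644);            // stored file is readable, never executable
    return $dest;
}

// Usage: $path = store_upload($_FILES['userfile'], $upload_dir);
```

When PHP runs as the account owner, as with the SuExec PHP setup mentioned in post #6, the first branch applies and the directory can stay at 755.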
