fopen append works, fopen write fails (but truncates the file)

---

• From: Hans Fredrik Nordhaug <hansfn@xxxxxxxxx>
• Date: Mon, 30 Jul 2007 23:35:07 +0000 (UTC)

---

To anyone reading comp.lang.php - sorry reposting here.

I'm trying to write to a file in the current directory (which has been
uploaded by FTP, not created by PHP) - no remote files involved. The
subject says it all - I can add that both the directory and the file
is world-writable. This happens on a (quite good) free hoster in Norway
which doesn't use safe mode, running PHP 5.1.6 as the PHP info below
shows ...

Test it at:
http://home.no.net/moldevbk/fopen-test/?mode=w (write - fails)
http://home.no.net/moldevbk/fopen-test/?mode=a (append - ok)
http://home.no.net/moldevbk/fopen-test/p.php - PHP info
http://home.no.net/moldevbk/fopen-test/fopen-test.phps - source code
of test script.

I have searched the web and usenet, but not found this problem
mentioned before. I do realize that I can work around the problem by
truncating the file first and then appending to the empty file - but
that is ugly as ...

If I delete the file I'm trying to write to, fopen with w mode creates
the file (with owner "nobody") and no errors occurs after that.
Apperently PHP is able to write to the file when it's owned by
"nobody", the webserver user, but not when it's owned by the user
"moldevbk" even if the permission 666. This is something I would expect to
happen if safe mode was on, but it's not. (Append mode works in both
situation.)

What is going? How can fopen truncate the file, but not being able to
write any content to it?

Hans

PS! The comp.lang.php thread:
http://groups.google.com/group/comp.lang.php/browse_frm/thread/05f202af7c9b2a73/

--
+ It's GNU/Linux, not Linux -> http://www.gnu.org/gnu/linux-and-gnu.html
+ Support the Free Software Foundation -> http://member.fsf.org/
+ Become an Open Directory Project Editor -> http://dmoz.org/
.

---

• Prev by Date: Re: [PHP] audio recorder
• Next by Date: Re: need insights on encrypting and uploading ASCII file using PHP
• Previous by thread: audio recorder
• Next by thread: Re: need insights on encrypting and uploading ASCII file using PHP
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: fopen - append works, write fails (but file is truncated) ... hoster in Norway which doesn't use safe mode, ... PHP info below shows ... ... The folder is already set to 777 as the URL ... the webserver user is "nobody" which isn't part of the group users. ... (comp.lang.php) [Full-disclosure] copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2 ... PHP is an HTML-embedded scripting language. ... The PHP safe mode is an attempt to solve the shared-server security problem. ... if (wrapper!= NULL) ... (Full-Disclosure) Re: IIS6 and PHP ... Enable the PHP scripting language engine under Apache. ... ; every request. ... Maximum number of persistent links. ... Default host for mysql_connect(doesn't apply in safe mode). ... (microsoft.public.inetserver.iis) Re: fopen - append works, write fails (but file is truncated) ... PHP info below shows ... ... the file (with owner "nobody") and no errors occurs after that. ... happen if safe mode was on, ... Append mode works in both ... (comp.lang.php) PHP <= 5.2.5 Safe Mode Bypass ... PHP <= 5.2.5 Safe Mode Bypass ... "PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML." ... string tempnam ... AmnPardaz Security Research & Penetration Testing Group ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

coding.derkeiler.com  > Archive  > PHP  > php.general  > 2007-07