From admin panel i successfully upload images. In home page can`t view images in full screen (with lightbox). In images directory all new images are in 600 permissions after i change permissions to 755 full screen work fine. Permissions on folder image and cache are 777. My hosting is based on ispcpomega http://isp-control.net/ and work with virtual users.
http://img233.imageshack.us/img233/1257 ... os3.th.jpg[/img]
Changing the permission to 755 make the file executable, this is not needed for images. Setting the permission to 644 on images should be sufficient.If full screen works fine at 755 why not just leave it there?
However, the real issue here, is that the permissions of 600 are applied to the image on upload to the server, which subsequently make the file unreadable by anyone but the owner.
Modules for OpenCart 2.3.0.2
Homepage Module [Free - since OpenCart 0.7.7]
Multistore Extensions
Store Manager Multi-Vendor/Multi-Store management tool
If you're not living on the edge ... you're taking up too much space!
I have other administrator which add new products. When go to travel can`t fix permission immediately. What change should make in javascript to work with 600 permissions on images? Other solution is edit image.php to able upload image with correctly permissions?Qphoria wrote: If full screen works fine at 755 why not just leave it there?
Sorry for my english
Your english is fine.
you will need to change the save function in library\filesystem\upload.php as follows
you will need to change the save function in library\filesystem\upload.php as follows
Code: Select all
function save($key, $file)
{
if (file_exists($file))
{
@unlink($file);
}
$status = @move_uploaded_file($_FILES[$key]['tmp_name'], $file);
if ($status)
chmod($file, 0644);
return $status;
}
Great job @bruce everything work fine. This is what i needbruce wrote: Your english is fine.
you will need to change the save function in library\filesystem\upload.php as follows
Code: Select all
function save($key, $file) { if (file_exists($file)) { @unlink($file); } $status = @move_uploaded_file($_FILES[$key]['tmp_name'], $file); if ($status) chmod($file, 0644); return $status; }
Best Regards !
chmod() won't work in all system environments, sometimes it errors because it uses the filesystem to achieve it.
You can make it silent, by adding an @ in front of the commend. ie: @chmod()
Further more, you only need to make it readable by all, you can use a+r
All this aside, I am on the understanding that you need to set the permissions of new files somewhere.
You can make it silent, by adding an @ in front of the commend. ie: @chmod()
Further more, you only need to make it readable by all, you can use a+r
Code: Select all
function save($key, $file)
{
if (file_exists($file)) @unlink($file);
$status=@move_uploaded_file($_FILES[$key]['tmp_name'], $file);
if ($status) @chmod($file, 'a+r');
return $status;
}
That's the same as 0644hm2k wrote: Further more, you only need to make it readable by all, you can use a+r
Pardon? Do you mean, after uploading an image through the admin, that I then have to log in using a terminal or ftp client to set the correct permissions? If that is the case, why have an image upload function?All this aside, I am on the understanding that you need to set the permissions of new files somewhere.
Permissions on the uploaded file are set by the server operator (apache) for the owner to read and write, but the group and everyone else can't. Remember, you are NOT the owner of the uploaded files, the server operator is.
Modules for OpenCart 2.3.0.2
Homepage Module [Free - since OpenCart 0.7.7]
Multistore Extensions
Store Manager Multi-Vendor/Multi-Store management tool
If you're not living on the edge ... you're taking up too much space!
I think you should read up on chmod. I think you mean 644.fido-x wrote: That's the same as 0644
The reason for using a+r is that even if it's 477, it'll change it to 677, rather than always 644. This means it'll have no affect on other permissions, only the read ones, which is what we want.
No, I do not. There's a setting in many operating systems and web servers that tells the system what permissions new files should have. For example, his system is probably set to something like 444, where as if new files were set to 644, he wouldn't be seeing this problem.Pardon? Do you mean, after uploading an image through the admin, that I then have to log in using a terminal or ftp client to set the correct permissions? If that is the case, why have an image upload function?
Permissions on the uploaded file are set by the server operator (apache) for the owner to read and write, but the group and everyone else can't. Remember, you are NOT the owner of the uploaded files, the server operator is.
The ownership of the file has very little to do with this, because the point is to set the file to all read. This is also especially true if you use something like suphp, as any good admin should do.
Hope this helps explain it further.
No. I mean 644. It is the last number that sets the permission for "everybody else". The numbers represent permissions for owner, group, and everybody else - in that order.hm2k wrote: I think you should read up on chmod. I think you mean 644.
True. This is set in the php configuration. The following is from php.ini:-There's a setting in many operating systems and web servers that tells the system what permissions new files should have. For example, his system is probably set to something like 444, where as if new files were set to 644, he wouldn't be seeing this problem.
Code: Select all
[Session]
; Handler used to store/retrieve data.
session.save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
;
; As of PHP 4.0.1, you can define the path as:
;
; session.save_path = "N;/path"
;
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
;
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
;
; The file storage module creates files using mode 600 by default.
; You can change that by using
;
; session.save_path = "N;MODE;/path"
;
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
session.save_path = /var/lib/php
Modules for OpenCart 2.3.0.2
Homepage Module [Free - since OpenCart 0.7.7]
Multistore Extensions
Store Manager Multi-Vendor/Multi-Store management tool
If you're not living on the edge ... you're taking up too much space!
Ah, yes, sorry my mistake. I've not had my morning coffee yetfido-x wrote: No. I mean 644. It is the last number that sets the permission for "everybody else". The numbers represent permissions for owner, group, and everybody else - in that order.
. Still using a+r has it's benefits.You're on the right path with the php.ini, however it's sometimes a filesystem issue.
I guess it depends on who admins his server and what the environment is.
I found this comment -
You should use @copy() instead of @move_uploaded_file().
at http://bugs.php.net/bug.php?id=42291On all current PHP versions, move_uploaded_file() creates a
destination file that is either mode 0600 or 0644 (on Linux,
anyway), depending on whether move_uploaded_file() needed to copy
the file across filesystems.
If the file can be moved (renamed), then the resulting file is mode
0600, because the file was originally created with mkstemp. If the
file needs to be copied, the resulting mode is 0644 instead
(assuming a "normal" umask of 022).
You should use @copy() instead of @move_uploaded_file().
Modules for OpenCart 2.3.0.2
Homepage Module [Free - since OpenCart 0.7.7]
Multistore Extensions
Store Manager Multi-Vendor/Multi-Store management tool
If you're not living on the edge ... you're taking up too much space!
Sure, but then you'd have to unlink the temp file too... so copy()&unlink() vs move_uploaded_file()&chmod() really...fido-x wrote: I found this comment -at http://bugs.php.net/bug.php?id=42291On all current PHP versions, move_uploaded_file() creates a
destination file that is either mode 0600 or 0644 (on Linux,
anyway), depending on whether move_uploaded_file() needed to copy
the file across filesystems.
If the file can be moved (renamed), then the resulting file is mode
0600, because the file was originally created with mkstemp. If the
file needs to be copied, the resulting mode is 0644 instead
(assuming a "normal" umask of 022).
You should use @copy() instead of @move_uploaded_file().
Unlink? The temporary file gets deleted automatically when the script finishes executing, ie. after the temporary file is copied.hm2k wrote: Sure, but then you'd have to unlink the temp file too... so copy()&unlink() vs move_uploaded_file()&chmod() really...
Modules for OpenCart 2.3.0.2
Homepage Module [Free - since OpenCart 0.7.7]
Multistore Extensions
Store Manager Multi-Vendor/Multi-Store management tool
If you're not living on the edge ... you're taking up too much space!
I think i'm gonna run with move_uploaded_file()&chmod() as move_uploaded_file is designed for use with uploaded files, which is what we are trying to do here.
I'll follow this up here: http://forum.opencart.com/index.php/topic,2367.0.html
I'll follow this up here: http://forum.opencart.com/index.php/topic,2367.0.html
Who is online
Users browsing this forum: No registered users and 23 guests
![http://img233.imageshack.us/img233/1257 ... os3.th.jpg[/img]](http://img233.imageshack.us/my.php?image=snapshotos3.jpg){kind=link}