Any PHP experts??
 

Is it correct that PHP can only delete files or folders owned by apache (or created using php)? If that is correct, is there a way around it?

I want a script Im writing to auto delete some files that were uploaded by ftp. I tried getting php to chmod the files to 777 but it wont do that even?

yes it is correct. File with 7 for everybody should be read, modified and deleted by nobody (apache) without problems.

can you give us a little more details and I'm sure there is a solution.
Why are you using a php script to do this that is being run by user apache?

Its a cms of sorts, and Im uploading the big pics, then php crops the thumbs and copies the thumbs and the bigger photos to where they are meant to be. So apache is taking ownership of those files. Im wanting to then delete the source files.

Ive actually managaged to get the files deleted, now its not deleting the folder and is saying operation not permitted.

Ill work on it some more today, Its something im doing wrong in my code :mad:

Thanks for your help!

Actually I havent managed to delete the files either. It worked as I set permissions on that folder in ftp.

The issue is that it wont let me chmod files that apache doesnt own with php.

You can't do anything apache can't.

You can't delete files if they are not owned by apache and dir permissions are not set properly. If you want to delete files/folders, apache has to be the owner corresponding file and directory. This all doesn't have anything to do with php per se, but how your server is setup. You'll have to read up on unix permissions to see what you can and can't do. You can't delete the folder again, if the upper folder doesn't give you permissions to do so, or you're not the owner of the folder. Then there's various other security settings that might be preventing you to do things that normally you could. Ask your host for help since you don't know it.

To actually delete and do whatever the fuck you want, you'd need to suid yourself in php environment. This is ofcourse a big big no no and if you actually chose this route, you can expect to have alot bigger problems on your hands. Rather work with host and figure out what/where you want to modify with apache perms and set permissions accordingly.

This isn't a PHP limitation, but rather a *nix "limitation" - and with good reason. A user that doesn't have permissions to delete a file shouldn't be allowed to delete that file!

You could try creating a new FTP user that is a member of the same group as Apache, and only using that user to upload the images.

You could also just change the permissions of your source files after you have uploaded them.

Or you could look into the dangerous exec() and system() functions, which you could probably use to temporarily elevate permissions while you delete the files.

What about chown() which php.net says will attempt to change ownership of the file. Is that considered dangerous to use?

Thanks for your help btw, I really apreciate the answers :)

This will still execute chown as the current user (apache). You should talk to your server administrator about the various options you have without compromising server security.

Your issue is umask. It changes the ownership of the files that were chmod via php. You can try using the shell to chmod the files... when I started doing that it fixed my permissions issues.