no matter how I set permissions, I'm unable to write a file

I'm probably missing something obvious, but I'm unable to write a file
with this function. I've used my FTP software to set permissions to
777 on all the files in question. I've tried r, r+, w, and w+ as
possible ways of opening the files.

The first fopen is trying to create a file where none exists. It fails
(thought I've set dir permissions to 777 as well). How can I create a
file?

There error messages print back the full input, so clearly the
variables are caputured and they have all the info that I expect to be
there. They just don't open the files.

The first attempt to create a file prints out my error message like
this:

"Error: in fileUpdate(), we tried to create a back up of your file and
give it the name backup_ppArrangementsAdmin/createnewslettersForm.php
, but we failed."

The second attempt to write to the existing file prints, in part, like
this:

"Error: in fileUpdate, something went wrong and we were unable to save
the document called ' ppArrangementsAdmin/createnewslettersForm.php '.
You'd written:" - it then gives me everything I'd written.

Anyone see what I'm missing?






function fileUpdate() {
$controllerForAll = & getController();
$updateObject = & $controllerForAll->getObject("McTransactions", " in
the function fileUpdate().");
$resultsObject = & $controllerForAll->getObject("McResults", " in the
function fileUpdate().");

$formInputs = $GLOBALS["formInputs"];

if (is_array($formInputs)) {
extract($formInputs);

$fileName = $fileName;
$fileContent = $fileContent;
$fileNameOld = $fileNameOld;
$fileContentOld = $fileContentOld;

$fileNameBackup = "backup_".$fileNameOld;
$fp = @fopen($fileNameBackup, "w+");
$success = @fwrite($fp, $fileContentOld);
@fclose($fp);
if ($success) {
$resultsObject->addToResults("We created a back up of your file and
gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");
} else {
$resultsObject->addToResults("Error: in fileUpdate(), we tried to
create a back up of your file and give it the name $fileNameBackup ,
but we failed.");
}

if (is_writable($filename)) {
$fp = @fopen($fileName, "r+");
$success = @fwrite($fp, $fileContent);
@fclose($fp);
}

if ($success) {
$resultsObject->addToResults("We successfully saved the $fileName
document.");
} else {
$fileContent = htmlspecialchars($fileContent);
$resultsObject->addToResults("Error: in fileUpdate, something went
wrong and we were unable to save the document called ' $fileName '.
You'd written: $fileContent ");
}
} else {
$resultsObject->error("In fileUpdate, we assumed we were going to be
given a set of data called formInputs, but for some reason we got no
such thing.", "fileUpdate");
}


}

re: no matter how I set permissions, I'm unable to write a file

lawrence wrote:
[color=blue]
> I'm probably missing something obvious, but I'm unable to write a file
> with this function. I've used my FTP software to set permissions to
> 777 on all the files in question. I've tried r, r+, w, and w+ as
> possible ways of opening the files.
>
> The first fopen is trying to create a file where none exists. It fails
> (thought I've set dir permissions to 777 as well). How can I create a
> file?
>
> There error messages print back the full input, so clearly the
> variables are caputured and they have all the info that I expect to be
> there. They just don't open the files.
>
> The first attempt to create a file prints out my error message like
> this:
>
> "Error: in fileUpdate(), we tried to create a back up of your file and
> give it the name backup_ppArrangementsAdmin/createnewslettersForm.php
> , but we failed."
>
> The second attempt to write to the existing file prints, in part, like
> this:
>
> "Error: in fileUpdate, something went wrong and we were unable to save
> the document called ' ppArrangementsAdmin/createnewslettersForm.php '.
> You'd written:" - it then gives me everything I'd written.
>
> Anyone see what I'm missing?
>
>
>
>
>
>
> function fileUpdate() {
> $controllerForAll = & getController();
> $updateObject = & $controllerForAll->getObject("McTransactions", " in
> the function fileUpdate().");
> $resultsObject = & $controllerForAll->getObject("McResults", " in the
> function fileUpdate().");
>
> $formInputs = $GLOBALS["formInputs"];
>
> if (is_array($formInputs)) {
> extract($formInputs);
>
> $fileName = $fileName;
> $fileContent = $fileContent;
> $fileNameOld = $fileNameOld;
> $fileContentOld = $fileContentOld;
>
> $fileNameBackup = "backup_".$fileNameOld;
> $fp = @fopen($fileNameBackup, "w+");
> $success = @fwrite($fp, $fileContentOld);
> @fclose($fp);
> if ($success) {
> $resultsObject->addToResults("We created a back up of your file and
> gave it the name $fileNameBackup . If you need to restore the old
> version, go back to that file.");
> } else {
> $resultsObject->addToResults("Error: in fileUpdate(), we tried to
> create a back up of your file and give it the name $fileNameBackup ,
> but we failed.");
> }
>
> if (is_writable($filename)) {
> $fp = @fopen($fileName, "r+");
> $success = @fwrite($fp, $fileContent);
> @fclose($fp);
> }
>
> if ($success) {
> $resultsObject->addToResults("We successfully saved the $fileName
> document.");
> } else {
> $fileContent = htmlspecialchars($fileContent);
> $resultsObject->addToResults("Error: in fileUpdate, something went
> wrong and we were unable to save the document called ' $fileName '.
> You'd written: $fileContent ");
> }
> } else {
> $resultsObject->error("In fileUpdate, we assumed we were going to be
> given a set of data called formInputs, but for some reason we got no
> such thing.", "fileUpdate");
> }
>
>
> }[/color]

Haven't reviewed your code, but out of experience, what about permissions to
the folder in question ?

--
Peace and long life ...
Registeret Linux user #292411

re: no matter how I set permissions, I'm unable to write a file

lawrence wrote:
[color=blue]
> I'm probably missing something obvious, but I'm unable to write a file
> with this function. I've used my FTP software to set permissions to
> 777 on all the files in question. I've tried r, r+, w, and w+ as
> possible ways of opening the files.[/color]

Possibly need to use absolute paths so the server knows exactly where
the directory structure is. I always use a base path so files other than
in the directory I want are being overwritten.

<snip>
[color=blue]
> function fileUpdate() {
> $controllerForAll = & getController();
> $updateObject = & $controllerForAll->getObject("McTransactions", " in
> the function fileUpdate().");
> $resultsObject = & $controllerForAll->getObject("McResults", " in the
> function fileUpdate().");
>
> $formInputs = $GLOBALS["formInputs"];
>
> if (is_array($formInputs)) {
> extract($formInputs);
>
> $fileName = $fileName;[/color]

I'd suggest trying something more like:

$fileName= dirname(__FILE__).str_replace('../','',$fileName);

Where the directories you want to write into are located at the same
level as the file that contains this function declaration.

For instnace:

thisfile.php
writable_dir1/
writable_dir2/
etc...
[color=blue]
> $fileContent = $fileContent;
> $fileNameOld = $fileNameOld;
> $fileContentOld = $fileContentOld;
>
> $fileNameBackup = "backup_".$fileNameOld;[/color]

Same thing here. Use an absolute base path. This will _help_ with
preventing some bad holes from appearing, but the biggest thing to
remember: *DON'T* *TRUST* *USER* *INPUT* - even if it is from a posted form.

<snip>

--
Justin Koivisto - spam@koivi.com
PHP POSTERS: Please use comp.lang.php for PHP related questions,
alt.php* groups are not recommended.
SEO Competition League: http://seo.koivi.com/