PHP upload permission problem

Question

right guys ive ran into a problem with file permissions with the following upload form. a text file is passed to the upload/ dir by global users.

mysite$ ls          


        

Answer 1

move_uploaded_file uses umask(600). Use copy($source, $dest) instead of move.

Answer 2

You can use chmod to change the file permissions.

To get the permissions of a file, use fileperms.

Answer 3

The user, that initially writes the files into your "/upload" directory, is the one that started the Apache instance running a PHP module.

In other words, PHP is the "owner" of all uploaded files and through a PHP script you can change the permissions of all relevant uploaded files without providing any credentials at all:

PHP chmod function

A quick and dirty hack to make uploaded files writable to all users would be

else 
      {
      move_uploaded_file($_FILES["file"]["tmp_name"], 
      $f="/home/user/mysite/upload/" . $_FILES["file"]["name"]); 
      chmod($f, 0777);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"]; 
      }