Upload Files to Upload Directory Permissions Issue2 users found helpful
Unable to copy file to storage directory. Please check permissions on your upload directory and ensure they can be written to by your web server.
Is there another directory that I need to change the permissions on? If so, can someone give me the path to it?
; Whether to allow HTTP file uploads.
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if not
;upload_tmp_dir = tmp
; Maximum allowed size for uploaded files.
upload_max_filesize = 9M
Are you trying to upload files via the Dashboard file manager or via something else, like Gallery?
Is the /packages directory set to 777 recursively?
chmod -r 777 files
However there is nothing in the c5 directory currently to edit. How do I go about issuing this command?
Do the same for the packages folder.
I hope it works :)
Safe mode is off, file permissions are all set ok. i have checked everything mentioned above.
the only thing i can see in my phpinfo is that upload_tmp_dir has no value?
i have a dedicated fashosts linux server. anyone elese had similar problems moving a site to a new server?
I'm having the same issue with my Fasthosts Linux server. PHP Safe Mode is off and also files directory is set to 777 and I cleared sit cache. Did you manage to fix this problem in the end?
I have checked all user and file permissions, as far as I can tell, all are properly set.
PHP Safe Mode is a different issue, below is what I got from my client's host who discourages turning off safe mode. I believe their requirements are met as well. Regardless, still cannot write to files directory, and I'm also getting cannot write on the site map XML which I find impossible to comprehend, as its permissions are fine also.
The rules for writing files in PHP Fast mode (i.e. with safe_mode enabled) are very simple:
1. The permissions of the file (and/or its parent directory, especially when creating the file) must allow the operation.
2. The file being written and the top-level PHP script being called must be owned by the same user, the same group, or both.
Corresponding to these rules, there are two main steps to follow to set up successful file writing:
1. Set the parent directory you will be writing files in to group web with 775 permissions.
2. Set the top-level PHP script doing the writing to group web with 644 permissions.
By taking these two steps, you will ensure that the destination is writeable and that both the source (the PHP script) and the destination (the file/directory) share the "web" group, thus satisfying both rules. This is the most reliable and secure approach.
The biggest problem people encounter implementing these steps is usually identifying the PHP script that needs to be set to group web. Some people resolve this by simply changing all their PHP scripts to be owned by group web. This approach can work, but requires that more care be paid to file permissions to avoid security issues. We prefer to chgrp only the scripts that actually write files.
It can be counterintuitive that the PHP file that needs to be owned by the web group is the top-level one, not necessarily the one that has the actual file-writing commands. (And, more to the point, often not the one that shows up in a safe_mode-related error message.) If you have access to it, the PHP $_SERVER['SCRIPT_FILENAME'] variable can tell you what the top-level script is. If not (for example for a third-party app like Wordpress or Drupal), your site's access log or error log can usually help you identify it. For popular apps, you can also ask in our forums or check our member wiki for more info on what scripts to chgrp.
We urge people to avoid the urge to both chgrp everything and to set the permissions of everything as group-writeable. (Some apps require/recommend this type of setup in order to allow them to auto-update themselves via the web; doing so trades security for ease of use and is a practice we discourage.) PHP's security track record is not very good, and our system security is designed primarily to protect sites from each other; it does not (cannot) protect sites from themselves. So while "write everything" may work initially, and it seems "easiest," sooner or later a flaw will be found in your site's PHP code or in PHP itself, and if your site is full of group-web writeable files, hackers will make short work of it. Please keep in mind the old adage, "If you don't have time to do it right, how will you have time to do it over?"
Therefore, the final rule of thumb for writing files in PHP is not to set anything to be both owned by group web and group-writeable unless you don't mind restoring it from backup after hackers get to it. We hope this encourages you to both be conservative in what you allow PHP to write, and to keep good backups. :-)
In addition to this, i want to add that, if you are using plesk, cpanel or another panel software in your dedicated server; you have to change these values (safe mode and open base_dir) to "off" in panel software's configuration file.
(For example, if you are using plesk panel; you have to change "zz010_psa_httpd.conf" instead of httpd.conf or php.ini )
Is having that dir and its contents set to 777 hazardous/dangerous for any reason?
Worked for us.