what the heck does "permissions 33279" mean?

lk******@geocities.com wrote:

... It uses
fileperms() to get the permissions of the file, and it includes that
info in any error message...
... I'm being told that
permissions are really 33279. What the heck does that mean?

33279 (decimal) = 100777 (octal)

I have no idea what that 1 is doing there.
Maybe you would be better off using one of the examples at

http://www.php.net/fileperms

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!

>> ... It uses

fileperms() to get the permissions of the file, and it includes that
info in any error message...
... I'm being told that
permissions are really 33279. What the heck does that mean?

33279 (decimal) = 100777 (octal)

I have no idea what that 1 is doing there.

The upper bits of the file permissions, which you cannot change
with chmod, typically indicate the type of the file (regular file,
directory, socket, symlink, named pipe, etc. ).

Gordon L. Burditt

How do I ask a RedHat Linux box what the hell its permissions mean? No
wait, maybe that is not the problem. Is fileperms ever wrong? My FTP
client says the permissions are simply 777. But PHP cannot change the
file.

lk******@geocities.com wrote:

How do I ask a RedHat Linux box what the hell its permissions mean? No
wait, maybe that is not the problem. Is fileperms ever wrong? My FTP
client says the permissions are simply 777. But PHP cannot change the
file.

You can't change it if you don't have permission to modify data held
about it in the directory. So, if that's set to 555 ( ignoring
ownerships for the sake of example ), then you can't change the file.

Steve

I'm not sure I understand you. The permissions seem to be set to 777.
Why would PHP lack, as you say, "permission to modify data held about
it in the directory". What kind of data are you referring to? Is there
another layer of permisions in Linux that has nothing to do with the
numbers?

Let me ask this question more generally. How do I troubleshoot this
problem? My PHP code is not being allowed to change a file. My FTP
client says permissions on the file (and also the directory that it is
in) is set to 777. How do I track down what the problem is? What
questions do I ask? My code has a fair amount of error checking, but
none of it quite reveals the problem. The permissions were, I thought,
set to 33279 which I thought was funny, but it now it seems, based on
what Graca and Burditt said, that that resolves itself to 777. So how
do I find out what the problem is?
<?php

function fileUpdate() {
// 12-08-04 - we want to make it easy for people to customize their
own installations of
// the software, so want to make it easy for them to edit those
arrangements that make up
// the control panel.
$controllerForAll = & getController();
$resultsObject = & $controllerForAll->getObject("McResults", " in the
function fileUpdate().");

// 12-08-04 - since PHP will cache file info, we need to clear the
cache if we are doing multiple
// things which might cause a "true" result to become "false" or vice
versa.
clearstatcache();

$formInputs = $GLOBALS["formInputs"];

if (is_array($formInputs)) {
extract($formInputs);

// 04-05-04 - we need to trim white space off the ends of these, and
neutralize any dangerous code
// that hackers have tried to slip in.
$fileName = trim($fileName);
$fileContent = trim($fileContent);
$fileNameOld = trim($fileNameOld);
$fileContentOld = trim($fileContentOld);
$fileName = htmlspecialchars($fileName);
$fileNameOld = htmlspecialchars($fileNameOld);
// 04-05-04 - an easy hacker attack would be to overwrite much needed
files, outside the correct directory.
// Therefore we need to take control of what directory is being
written to.
$fileNameRecord = $fileName;
$len = strlen($fileName);
$char = "";
$count = 0;
// 12-08-04 - this next bit is too clever. Basically, we expect the
file name at this point to look
// like this:
//
// ppArrangementsAdmin/editweblogPagesForm.php
//
// We want to strip off the "ppArrangementsAdmin/" part. So we walk
through till we get to
// the first "/". Then we take the rest of the filename and proceed.
If there is still a "/"
// in the filename after this, we can assume some hacker was trying
to make some kind of
// attack, and so we'll throw an error.
while ($count < $len && $char != "/") {
$char = substr($fileName, 0, 1);
$fileName = substr($fileName, 1);
$count++;
}
$location = strpos($fileName, "/");
if (is_numeric($location)) {
$resultsObject->addToResults("We were unable to update this file.
The file name is invalid. It should not contain more than one '/'
(forward slash). This is what we got: $fileNameRecord . Problem in
fileUpdate()", "fileUpdate");
} else {
$config = getConfig();
$pathToNeededFiles = $config["pathToNeededFiles"];

$formData = $GLOBALS["formData"];
$fileType = $formData["fileType"];
if ($fileType == "public") {
$fileName = "ppArrangementsPublic/".$fileName;
} else {
$fileName = "ppArrangementsAdmin/".$fileName;
}

$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = @ fopen($fileNameBackup, "w+");

if ($fp) {
$fileContentOld = stripslashes($fileContentOld);
$success = @ fwrite($fp, $fileContentOld);
$isClosed = @ fclose($fp);

if ($success) {
$resultsObject->addToResults("We created a back up of your file
and gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");

$fp = @fopen($fileName, "w+");
$fileContent = stripslashes($fileContent);
$success2 = @fwrite($fp, $fileContent);
@fclose($fp);

if ($success2) {
$resultsObject->addToResults("We successfully saved the
$fileName document.");
} else {
$fileContent = htmlspecialchars($fileContent);
$resultsObject->addToResults("In fileUpdate, something went
wrong and we were unable to save the document called ' $fileName '. The
file permissions were set to '$perm'. You'd written: $fileContent ");
}
} else {
$fileContent = stripslashes($fileContent);
$fileContent = htmlspecialchars($fileContent);
$resultsObject->addToResults("In fileUpdate(), we tried to create
a back up of your file and give it the name $fileNameBackup , but we
failed. The file permissions were set to '$perm'. Because of the risk
of overwriting your only copy, we have not tried to update the file.
Here is what you'd written: $fileContent");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' so we could edit it, but we were not able to open it. It's
permissions were set to '$perm'", "fileUpdate");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' but it does not exist.", "fileUpdate");
}
}
} else {
$resultsObject->error("In fileUpdate, we assumed we were going to be
given a set of data called formInputs, but for some reason we got no
such thing.", "fileUpdate");
}
}


?>

On 9 Dec 2004 11:26:43 -0800, lk******@geocities.com wrote:

I'm not sure I understand you. The permissions seem to be set to 777.
Why would PHP lack, as you say, "permission to modify data held about
it in the directory". What kind of data are you referring to? Is there
another layer of permisions in Linux that has nothing to do with the
numbers?
As posted by others, fileperms returns not only the file permissions, but also
the bits representing the type of the file. This is all bunched together within
the filesystem. To see permissions, you should only look at specific bits, and
convert to octal for the usual convention of 777 = wide open permissions.

The manual has an example function to convert fileperms bits into readable
form, and this also gives some idea how to isolate the permissions bits.

http://uk2.php.net/manual/en/function.fileperms.php
Let me ask this question more generally. How do I troubleshoot this
problem? My PHP code is not being allowed to change a file. My FTP
client says permissions on the file (and also the directory that it is
in) is set to 777. How do I track down what the problem is? What
questions do I ask? My code has a fair amount of error checking, but
none of it quite reveals the problem. The permissions were, I thought,
set to 33279 which I thought was funny, but it now it seems, based on
what Graca and Burditt said, that that resolves itself to 777. So how
do I find out what the problem is? $fp = @ fopen($fileNameBackup, "w+");

Wouldn't it be a good idea to remove the @ error-suppression operator? Since
you don't know why the open is failing, and you've only printed out a generic
message of your own invention in response, it would be valuable to see the
actual error message that PHP raises.

Disk full, quota exceeded, locked by another process (possibly depending on
filesystem there) are all potential reasons why a 777-permission file couldn't
be opened for writing.

--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool

--------------------------
Wouldn't it be a good idea to remove the @ error-suppression operator?
Since
you don't know why the open is failing, and you've only printed out a
generic
message of your own invention in response, it would be valuable to see
the
actual error message that PHP raises.
--------------------------

That is a good idea. I removed all the error suppressors and got this:

Warning: fopen("", "w+") - Success in
/home/httpd/vhosts/yoganinjaalliance.org/httpdocs/ppExtras/fileUpdate.php
on line 71

I can not imagine what this means and I'm confused why the warning has
the word "Success" in it. I'm also uncertain why the fopen is showing
double double-quotes for the first parameter, as if no file name was
given to it. My code first checks that the file exists, so it's not
possible that I'm passing an empty string to fopen:
$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileNameBackup, "w+");

if ($fp) {
$fileContentOld = stripslashes($fileContentOld);
$success = fwrite($fp, $fileContentOld);
$isClosed = fclose($fp);

if ($success) {
$resultsObject->addToResults("We created a back up of your file
and gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");

$fp = fopen($fileName, "w+");
$fileContent = stripslashes($fileContent);
$success2 = fwrite($fp, $fileContent);
fclose($fp);

lk******@geocities.com wrote:

Warning: fopen("", "w+") - Success in
/home/httpd/vhosts/yoganinjaalliance.org/httpdocs/ppExtras/fileUpdate.php
on line 71
<snip>
$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld); ^^^^^^^^^^^^
Where did this variable come from?
$fp = fopen($fileNameBackup, "w+");

<snip>

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!

The variable you are pointing to is simply the old name of the file,
with "backup" appended. I make a backup to protect people from making a
stupid mistake.

I should add that we had a server on Interland and this code worked
without a hitch, on servers running Free BSD. We've recently switched
to a new server on Rackspace running RedHat Linux. I'm not sure, but
I'd guess that is when the problem started. But, as I say, my test file
and test folder have permissions set to 777, so it is hard to imagine
why the code isn't working.

<?php

function fileUpdate() {
// 12-08-04 - we want to make it easy for people to customize their
own installations of
// the software, so want to make it easy for them to edit those
arrangements that make up
// the control panel.
$controllerForAll = & getController();
$resultsObject = & $controllerForAll->getObject("McResults", " in the
function fileUpdate().");

// 12-08-04 - since PHP will cache file info, we need to clear the
cache if we are doing multiple
// things which might cause a "true" result to become "false" or vice
versa.
clearstatcache();

$formInputs = $GLOBALS["formInputs"];

if (is_array($formInputs)) {
extract($formInputs);

// 04-05-04 - we need to trim white space off the ends of these, and
neutralize any dangerous code
// that hackers have tried to slip in.
$fileName = trim($fileName);
$fileContent = trim($fileContent);
$fileNameOld = trim($fileNameOld);
$fileContentOld = trim($fileContentOld);
$fileName = htmlspecialchars($fileName);
$fileNameOld = htmlspecialchars($fileNameOld);
// 04-05-04 - an easy hacker attack would be to overwrite much needed
files, outside the correct directory.
// Therefore we need to take control of what directory is being
written to.
$fileNameRecord = $fileName;
$len = strlen($fileName);
$char = "";
$count = 0;
// 12-08-04 - this next bit is too clever. Basically, we expect the
file name at this point to look
// like this:
//
// ppArrangementsAdmin/editweblogPagesForm.php
//
// We want to strip off the "ppArrangementsAdmin/" part. So we walk
through till we get to
// the first "/". Then we take the rest of the filename and proceed.
If there is still a "/"
// in the filename after this, we can assume some hacker was trying
to make some kind of
// attack, and so we'll throw an error.
while ($count < $len && $char != "/") {
$char = substr($fileName, 0, 1);
$fileName = substr($fileName, 1);
$count++;
}
$location = strpos($fileName, "/");
if (is_numeric($location)) {
$resultsObject->addToResults("We were unable to update this file.
The file name is invalid. It should not contain more than one '/'
(forward slash). This is what we got: $fileNameRecord . Problem in
fileUpdate()", "fileUpdate");
} else {
$config = getConfig();
$pathToNeededFiles = $config["pathToNeededFiles"];

$formData = $GLOBALS["formData"];
$fileType = $formData["fileType"];
if ($fileType == "public") {
$fileName = "ppArrangementsPublic/".$fileName;
} else {
$fileName = "ppArrangementsAdmin/".$fileName;
}

$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileNameBackup, "w+");

if ($fp) {
$fileContentOld = stripslashes($fileContentOld);
$success = fwrite($fp, $fileContentOld);
$isClosed = fclose($fp);

if ($success) {
$resultsObject->addToResults("We created a back up of your file
and gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");

$fp = fopen($fileName, "w+");
$fileContent = stripslashes($fileContent);
$success2 = fwrite($fp, $fileContent);
fclose($fp);

if ($success2) {
$resultsObject->addToResults("We successfully saved the
$fileName document.");
} else {
$fileContent = htmlspecialchars($fileContent);
$resultsObject->addToResults("In fileUpdate, something went
wrong and we were unable to save the document called ' $fileName '. The
file permissions were set to '$perm'. You'd written: $fileContent ");
}
} else {
$fileContent = stripslashes($fileContent);
$fileContent = htmlspecialchars($fileContent);
$resultsObject->addToResults("In fileUpdate(), we tried to create
a back up of your file and give it the name $fileNameBackup , but we
failed. The file permissions were set to '$perm'. Because of the risk
of overwriting your only copy, we have not tried to update the file.
Here is what you'd written: $fileContent");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' so we could edit it, but we were not able to open it. It's
permissions were set to '$perm'", "fileUpdate");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' but it does not exist.", "fileUpdate");
}
}
} else {
$resultsObject->error("In fileUpdate, we assumed we were going to be
given a set of data called formInputs, but for some reason we got no
such thing.", "fileUpdate");
}
}


?>

lk******@geocities.com wrote:

I should add that we had a server on Interland and this code worked
without a hitch, on servers running Free BSD. We've recently switched
to a new server on Rackspace running RedHat Linux. I'm not sure, but
I'd guess that is when the problem started. But, as I say, my test file
and test folder have permissions set to 777, so it is hard to imagine
why the code isn't working.

<snip>

Safe mode, perhaps?
or open_basedir?

http://www.php.net/manual/en/features.safe-mode.php

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!

Good thoughts, but when I run phpinfo(), it looks like safe mode is
off. I beneath the basedir, so I'm not sure how that could forbid
operations. A sample of the phpinfo output :

highlight.string
#CC0000 #CC0000
html_errors
On On
ignore_user_abort
Off Off
implicit_flush
Off Off
include_path
..:/usr/share/pear .:/usr/share/pear
log_errors
Off Off
magic_quotes_gpc
On On
magic_quotes_runtime
Off Off
magic_quotes_sybase
Off Off
max_execution_time
30 30
open_basedir
/home/httpd/vhosts/publicdomainsoftware.org/httpdocs:/tmp no value
output_buffering
no value no value
output_handler
no value no value
post_max_size
8M 8M
precision
14 14
register_argc_argv
On On
register_globals
On On
safe_mode
Off Off
safe_mode_exec_dir
no value no value
safe_mode_gid
Off Off
safe_mode_include_dir
no value no value
sendmail_from
me@localhost.com me@localhost.com
sendmail_path
/usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i

Anyone have any ideas about why I can't rewrite this file? File
permissions are 777, apparently, and the same is true of the folder.
safe_mode seems to be off, judging from the output of phpinfo(). I'm
inside of the basedir limits. What else could be the problem?

On 9 Dec 2004 21:15:59 -0800, lk******@geocities.com wrote:

That is a good idea. I removed all the error suppressors and got this:

Warning: fopen("", "w+") - Success in
/home/httpd/vhosts/yoganinjaalliance.org/httpdocs/ppExtras/fileUpdate.php
on line 71

I can not imagine what this means and I'm confused why the warning has
the word "Success" in it. I'm also uncertain why the fopen is showing
double double-quotes for the first parameter, as if no file name was
given to it.
Print the parameter given to the function to prove this.
My code first checks that the file exists, so it's not
possible that I'm passing an empty string to fopen:

$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
Given that the variable you use in file_exists is not the one that you use in
the fopen call, it does not necessarily follow that "My code first checks that
the file exists" implies that "it's not possible that I'm passing an empty
string to fopen".

Your code has not checked the contents of $fileNameOld anywhere. It could well
be empty. The only occurrences of writes to $fileNameOld are:

$fileNameOld = trim($fileNameOld);
$fileNameOld = htmlspecialchars($fileNameOld);

$filenameOld apparently comes in from external input (via
extract($formInputs)). You've not posted what $formInputs contains.
$fp = fopen($fileNameBackup, "w+");

Put "print $fileNameBackup;" on a line before this. Assuming this is line 71.
Also print out $fileNameOld. If in doubt, print everything so you can prove
what the values are rather than just asserting that a condition is not
possible.

--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool

-------------------
Your code has not checked the contents of $fileNameOld anywhere. It
could well
be empty.
-------------------

Hot tip! I added a check for $fileNameOld and isolated the error,
nothing else, and suddenly the function worked:

$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

if (!file_exists($fileNameOld)) {
$resultsObject->error("In fileUpdate() we went looking for a file
with the old name of '$fileNameOld' but no such file existed.",
"fileUpdate");
}
$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileNameBackup, "w+");

if ($fp) {
$fileContentOld = stripslashes($fileContentOld);
$success = fwrite($fp, $fileContentOld);
$isClosed = fclose($fp);

Yet I can't imagine why this function worked on the old server, but not
on the new one.

---------------------
Your code has not checked the contents of $fileNameOld anywhere. It
could well
be empty.
--------------------

Hot tip! All I had to do was check for that and isolate the error,
nothing else, and suddenly the function works.

I'm left perplexed about why this function worked without a hitch on
our previous server (FreeBSD, PHP 4.06) but was failing on our new
server (RH Linux 9, PHP 4.3). You'd think if that error was going to
trip up the whole function, it would have done before.


$fileName = $pathToNeededFiles.$fileName;
if (file_exists($fileName)) {
$perm = fileperms($fileName);

if (!file_exists($fileNameOld)) {
$resultsObject->error("In fileUpdate() we went looking for a file
with the old name of '$fileNameOld' but no such file existed.",
"fileUpdate");
}
$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileNameBackup, "w+");

if ($fp) {
$fileContentOld = stripslashes($fileContentOld);
$success = fwrite($fp, $fileContentOld);
$isClosed = fclose($fp);