3

我正在尝试在 php 中的 public_html 之外创建一个文件:

fopen("/home/sites/foo.org/backup-ticketing/asu.sql";w)

但是我收到此错误消息。我确信我应该能够以某种方式做到这一点,我只是想不通。该文件夹的权限是711.

[2012 年 8 月 1 日星期三 14:33:54] [错误] [客户端 84.3.2.16] PHP 警告:fopen(/home/sites/foo.org/backup-ticketing/asu.sql)[function.fopen]:未能开放流:第 4 行 /home/sites/foo.org/public_html/back/asu.php 中不允许操作

你能告诉我什么是正确的方法吗?

感谢您的许多建议,现在我有一个附加信息:

php.ini 是 public_html 中的问题,但是我想保持原样,但 /back/ 文件夹应该能够这样做。

这是我的设置:

 file_uploads = Off
 upload_tmp_dir = /var/php_tmp
 upload_max_filesize = 0M
 allow_url_fopen = Off
 allow_url_include = Off
 safe_mode = Off 
 display_errors = off
 magic_quotes_gpc = off
 magic_quotes_runtime =    off
 max_file_uploads=0 
 disable_functions=passthru,exec,phpinfo
 open_basedir  = /home/sites/foo.org/public_html/
4

3 回答 3

3

It seems as PHP's Safe mode or open_basedir are enabled preventing you from what you want to do - so it's simply not allowed and therefore not possible.

You could check if you are allowed to write to some other directory outside of your public directory, often ../tmp or ../temp are there and writable.

You might be able to find out what paths are allowed by open_basedir with

echo ini_get('open_basedir');

Another way around your problem: Put your files in a subdirectory of your public directory and secure it with .htaccess (User/Password, deny all IPs but your ow etc.)

EDIT:

  • Protect directory with username/password via htacces: Use a htaccess generator, or

  • Allow access only from certain IPs: Create a file and name it .htaccess with the content below

    order deny,allow

    deny from all

    allow from 888.888.888.888

于 2012-08-01T14:37:18.510 回答
0

You could try a shell_exec.

there you could exec a script with a different user than the webserver user

http://php.net/manual/de/function.shell-exec.php

于 2012-08-01T14:38:14.097 回答
0

经过研究,我找到了明显的答案:open_basedir = none in php.ini 我虽然有人会觉得有用。

感谢所有的答案,我从他们身上学到了很多。

于 2012-08-01T19:53:00.177 回答