[BBpress] uploaded avatars get 600 permissions

Join our forum today, it's free!

Register now and get access to all php class downloads!
Members are able to post new topics and comments.
Create a member profile and share your social profile links.
The abbility to follow your favorite forum topics.

PHP Script Forums » bbpress plugins and modifications

[BBpress] uploaded avatars get 600 permissions

(3 posts)

Tags:

Started 3 months ago by fl00r
Latest reply from fl00r

Great offers for webmaster, blogger and web developer!

fl00r
Member

On my BBpress site I have the possibility for users to upload their avatar.
For this purpose I installed Avatar Upload. Everything is working fine, except the uploaded avatars aren't shown on the website

The avatars are stored in the /avatar folder in the root of my site.
Although I have cmod the top folder (avatar) to 755, when a user
uploads a avatar the avatar file gets 600 permissions and thus doesn't
show up on the website.

I have tested it on a server at another hosting company and there the
avatar files inherit the permissions of the top folder (e.g. 755)

I contacted the hosting company and they cam up with the below answer:

On PHP versions up to 5.2.7, the function move_uploaded_file() creates a destination file that is either mode 0600 or 0644 depending on whether move_uploaded_file() needed to copy the file across filesystems.

If the file can be moved (renamed), then the resulting file is mode 0600, because the file was originally created with mkstemp. If the file needs to be copied, the resulting mode is 0644 instead (assuming a "normal" umask of 022).

When a customer calls us and asks to have the upload_tmp_dir value set we generally set it to /vservers/<homedir>/tmp

This causes a problem with file uploads in our shared Linux environment as this directory is on the same filesystem as the folder the customer is attempting to write the file upload to. This means the file will be "moved" and will have a value of 0600 causing it to be unreadable by PHP.

The best solution is to us the chmod command to adjust file permissions of the file after it has been uploaded and moved to the correct location:
chmod("$uploadedfile", 0644);

I am in no mean a PHP guru so I don't know how to solve this.
Should there be an extra line in the code to chmod the uploaded file?

Please enlighten me.

Thanks,

Ben

Posted 3 months ago #
Olaf
PHP Coder
THIS IS A BAD SERVER SETUP!

okay, check the folder named "addintional-files" and open the file "avatar-upload.php".
locate the code below the row (107)

// Did we move the image to the avatar folder successfully?

change the "if" statement to:
```
if ($img_errs == 0 && !@move_uploaded_file($img_temp, BBPATH . $config->avatar_dir . $user_filename) )
	{
		$img_errs = 11;
	} else {
		chmod(BBPATH . $config->avatar_dir . $user_filename, 0644);
	}
```
Posted 3 months ago #
fl00r
Member

THIS IS A BAD SERVER SETUP!

I know, it wasn't my choice to host the site here

Anyway, I changed the code and now it works like a charm!

Don't know how to thank you: you're the BEST Olaf!

Thank you so much!!

Posted 3 months ago #

RSS feed for this topic

Reply

You must log in to post.