Form to File

Anon

Hi,

I'm trying to use PHP to take information from a form and create a HTML file on my site. It seems the only way to give permission for PHP to do this, however, is to give a directory on my server full read/write/execute permissions to the world. I'd rather not do that.

Is there a more secure way to do this?

Thanks.

Anon

The only really secure way of doing anything like this is to make sure you have your own dedicated server that only authorized people can get into. However, since this is not usually the case due to shared hosting, it's kind of a catch 22.
Assuming your webserver runs as user "www" group "www", you could just give ownership and write access of the directory to that user. However, if you don't have root on the machine, you yourself will be unable to write to the directory. Also, if this is shared hosting, everyone else's PHP scripts would be able to write to the directory as well. You could try changing the permissions to the directory only when the script is executing, then changing them back at the end, but it's still not an overly secure way of doing things.

So, I guess my answer is really that I don't have an answer. If anyone does know of a good way of delegating permissions, please let us both know 🙂

-Jim Keller
http://www.centerfuse.net