I'm very new at this job (system administrator for a small Web - based company) and have been given the task of writing some SOAP-based data exchange pages. I need to know how to safely allow a PHP file, called from a HTML page, to write to a file in a directory on my Linux machine. I can do so, but only by setting the global permissions to write/read/execute... not a good thing for security. Does any one have any othe ideas? PW protection is not out of the question.
You have to set global to 7(read/write/execute) because when PHP is running a script called from the web it is doing so as the web user(apache user). You could try having your webscript call a perl script to write to the file without changing permissions on the file/directory.
basically before you upload the file, you need to chmod the dir
chmod("files", 777);
that should give you full read/write/excute access
basically the higher the number, the more access you have
