Using php-fpm, nginx, CentOS 6.4 File being called = register.php I cannot create a file in my directory /.../wingd/profiles
Goal: Generate user profiles by creating files when a user registers for my website.
Error:
Warning: fopen(profiles/test.txt): failed to open stream: Permission denied in /usr/share/nginx/wingd/register.php on line 150
In my register.php
I have:
$file = fopen("profiles/test.txt", "w") or die("Unable to open file!");
Things I have tried:
chmod 777
for all files and folders associated (/usr/share/nginx/wingd/profiles all directories listed to the left all are 777 at the moment including 'register.php' (I understand 777 is a security concern and will worry about security later on once I understand the current issue and how to fix)
Have used:
echo 'Current script owner: ' . get_current_user() . "<br>";
echo 'posix: '.posix_getuid()."<br>";
echo getcwd()."<br>";
$last_line = system('whoami', $retval);
echo $last_line . " " . $retval;
which has shown me that the script owner and the runner of the script is the nginx user.
/etc/php-fpm.d/www.conf
and see that 'user = nginx' and 'group = nginx' currently /var/www
folder and I see a lot of these forum posts about similar issue referring to /var/www
(is this an apache thing only?) strace php register.php
su nginx
and then use touch command to touch /profiles/test.txt. It did create the file without error php-fpm
is using for a username and what its permissions are set to, not sure how to do this. I saw on another stackoverflow topic that php may be using a username of apache and I tried giving that user ownership of files and got no where. I am not sure what else I can try.
Code:
<?php
include ("config.php");
?>
<html>
<body>
<a href="index.php">Index</a><br>
<form name="registrationForm" method="post" onsubmit="return validateForm()">
<input type="text" class="form-control" placeholder="Enter username" name="username"><font color="red">*</font>
<input type="text" class="form-control" placeholder="Enter email address" name="email"><font color="red">*</font>
<input type="password" class="form-control" placeholder="Enter password" name="password"><font color="red">*</font>
<input type="text" class="form-control" placeholder="Enter first name" name="first"><font color="red">*</font>
<input type="text" class="form-control" placeholder="Enter last name" name="last"><font color="red">*</font>
<input type="text" class="form-control" placeholder="Enter zip code" name="zip"><font color="red">*</font>
<input class="btn btn-default" type="submit" name="submit" value="Submit">
</form>
<?php
ini_set('display_errors',1);
error_reporting(E_ALL);
if (isset($_POST['submit'])){
//if($_SERVER["REQUEST_METHOD"] == "POST"){
$username = $_POST["username"];
$email = $_POST["email"];
$password = $_POST["password"];
$first = $_POST["first"];
$last = $_POST["last"];
$zip = $_POST["zip"];
// Check connection
if ($db->connect_error) {
die("Connection failed: ".$db->connect_error);
}
//flag to detect if the username exists in db
$flag = 0;
$sql = "SELECT username FROM users WHERE username = '".$username."';";
$result = $db->query($sql);
if ($result->num_rows > 0) {
$flag = 1;
}
//If the username already exists then alert the user, else insert the record to the db and send user to login.php
if ($flag == 1){
echo "<script>alert(\"Sorry, that username is already taken. Please choose another.\");</script>";
}
else {
$sql = "INSERT INTO users (first, last, username, email, password, zip) VALUES ('".$first."', '".$last."', '".$username."', '".$email."', '".$password."', '".$zip."')";
if ($db->query($sql) === TRUE) {
//echo "Registration successful";
//$filename = "/profiles/".$username.".php";
//chmod($filename,0777);
echo 'Current script owner: ' . get_current_user() . "<br>";
echo 'posix: '.posix_getuid()."<br>";
echo getcwd()."<br>";
$last_line = system('whoami', $retval);
echo $last_line . " " . $retval;
$file = fopen("profiles/test.txt", "w") or die("Unable to open file!");
//$txt = "This is a user profile for ".$username;
//fwrite($file, $txt);
fclose($file);
//header('Location: login.php');
} else {
echo "Registration error, please try again later.";
}
}
}
$db->close();
?>
</body>
So I am no longer going to try to implement my idea by creating potentially hundreds, thousands, etc.. of user profile files on my server but rather follow what seems to be convention now to just have one profile page that is then populated with data based on parameters. That parameter (like user id or username) could then be used in a pull from the database and voila, you dont have TONS of files and is much better also for security concerns. Thanks for all who took the time to read, and/or respond to this to help me. Hope this post will help other users with my same tech stack and initial design thoughts in the future.. Takeaway: Ask how to best solve the problem/idea rather than asking how to best fix the issue you are dealing with, with your current design/implementation idea.
See the following for a better explanation and code snippet: Generate Profile Page Upon Registration - PHP
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.