nsForum logo

Welcome Guest ( Log In )

 
Reply to this topicStart new topic
> Php File Writing Does Not Work
BoBAgi
post Aug 31 2015, 09:26 AM
Post #1





Group: Verified NS Member
Posts: 37
Joined: 25-April 13
Member No.: 20,658



I have a check file located in a cgi-bin/data directory.
The reason it is located there is that I want it to be "out of reach" for website hacking in the htdocs tree.
This file is used to limit the number of times a user is allowed to download certain files from the site.
They get a download code from us in order to download a file and there is a form into which they enter this code. The PHP script handling the download request verifies the entered code and username against a file with valid codes, which we update through our internal system, and if ok it sends the target file as the response to the submit. This file is read from cgi-bin/data.

The way to limit the number of downloads I try to use is to have a second code file in the same dir where for each successful request the PHP script writes the code (appending) to the file.
And this file is checked at the beginning of the request for the supplied code. If it exists then the download is denied.

I have verified that all PHP functions work as expected except for one and this is the function that writes the used code to the file. I get no errors but the file is simply not updated.
Here is the function I use:

CODE
function SaveUsedCode($code)
{
  global $usedcodes;
    
  $ret = FALSE;
  if ($fh = @fopen($usedcodes, 'a'))
  {
    fwrite($fp, $code . PHP_EOL);
    $ret = TRUE;
    fclose($fh);
  }
  return $ret;
}


$usedcodes is defined at the top of the script as:
CODE
$usedcodes = $_SERVER["DOCUMENT_ROOT"] . "/../cgi-bin/data/usedeidcodes.txt";

The reading from this file in order to verify against double use works fine (I have manually entered codes there), but the SaveUsedCode seems not to be able to write anything to the file even though I have set permissions to 777 on it.
Go to the top of the page
 
+Quote Post
Craig
post Aug 31 2015, 08:25 PM
Post #2





Group: Administrators
Posts: 988
Joined: 23-June 08
From: Pennsylvania
Member No.: 1,317



QUOTE (BoBAgi @ Aug 31 2015, 10:26 AM) *
I have a check file located in a cgi-bin/data directory.
The reason it is located there is that I want it to be "out of reach" for website hacking in the htdocs tree.
This file is used to limit the number of times a user is allowed to download certain files from the site.
They get a download code from us in order to download a file and there is a form into which they enter this code. The PHP script handling the download request verifies the entered code and username against a file with valid codes, which we update through our internal system, and if ok it sends the target file as the response to the submit. This file is read from cgi-bin/data.

The way to limit the number of downloads I try to use is to have a second code file in the same dir where for each successful request the PHP script writes the code (appending) to the file.
And this file is checked at the beginning of the request for the supplied code. If it exists then the download is denied.

I have verified that all PHP functions work as expected except for one and this is the function that writes the used code to the file. I get no errors but the file is simply not updated.
Here is the function I use:

CODE
function SaveUsedCode($code)
{
  global $usedcodes;
    
  $ret = FALSE;
  if ($fh = @fopen($usedcodes, 'a'))
  {
    fwrite($fp, $code . PHP_EOL);
    $ret = TRUE;
    fclose($fh);
  }
  return $ret;
}


$usedcodes is defined at the top of the script as:
CODE
$usedcodes = $_SERVER["DOCUMENT_ROOT"] . "/../cgi-bin/data/usedeidcodes.txt";

The reading from this file in order to verify against double use works fine (I have manually entered codes there), but the SaveUsedCode seems not to be able to write anything to the file even though I have set permissions to 777 on it.

Typo in your code. You use $fh when creating the file handle, but $fp when trying to use it. Unless you turn errors on, php doesn't throw the error. I tried it on my hosting with error_reporting(E_ALL); and it gave me an error on that line.
Go to the top of the page
 
+Quote Post
BoBAgi
post Sep 1 2015, 12:19 AM
Post #3





Group: Verified NS Member
Posts: 37
Joined: 25-April 13
Member No.: 20,658



QUOTE (Craig @ Aug 31 2015, 08:25 PM) *
Typo in your code. You use $fh when creating the file handle, but $fp when trying to use it. Unless you turn errors on, php doesn't throw the error. I tried it on my hosting with error_reporting(E_ALL); and it gave me an error on that line.

Thanks for your help! I had looked at the code many times and still did not see this...
Copy-paste error, I guess.
By the way I have uncommented this error checking switch at the top of my PHP script:
CODE
<?php
ini_set('display_errors', '1');    //Uncomment this if there are problems...

But it did not show any errors nevertheless...
So I thought it must be a permissions error somehow.
Now it is working as I aimed for it to work. (IMG:http://forums.networksolutions.com/style_emoticons/default/rolleyes.gif)
Go to the top of the page
 
+Quote Post
Craig
post Sep 1 2015, 06:04 AM
Post #4





Group: Administrators
Posts: 988
Joined: 23-June 08
From: Pennsylvania
Member No.: 1,317



QUOTE (BoBAgi @ Sep 1 2015, 01:19 AM) *
Thanks for your help! I had looked at the code many times and still did not see this...
Copy-paste error, I guess.
By the way I have uncommented this error checking switch at the top of my PHP script:
CODE
<?php
ini_set('display_errors', '1');    //Uncomment this if there are problems...

But it did not show any errors nevertheless...
So I thought it must be a permissions error somehow.
Now it is working as I aimed for it to work. (IMG:http://forums.networksolutions.com/style_emoticons/default/rolleyes.gif)

The default error_reporting setting in the system php.ini tells it which errors to display, so it doesn't matter if you have display_errors on if error_reporting isn't set to show anything.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
Tags
No Tag inserted yet

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

RSS Lo-Fi Version    Network Solutions © 2011 Time is now: 26th March 2017 - 02:01 AM
Domain Names | Web Hosting | Web Design | Shopping Cart Software | Online Marketing | SSL Certificates