Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Checking File Permissions


Recommended Posts

I was thinking of the permissions on both /admin/includes/configure.php and /includes/configure.php.

 

The user the script is running as may not have sufficient permissions to change the permissions.

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

  • Replies 71
  • Created
  • Last Reply

Top Posters In This Topic

I was thinking of the permissions on both /admin/includes/configure.php and /includes/configure.php.

 

The user the script is running as may not have sufficient permissions to change the permissions.

 

I see , what should I set them to ?

Link to comment
Share on other sites

Hi Geoff

Thanks for a great contribution.

I have installed it and it functions fine, but I have a couple of observations.

 

1)I also get the message below.

 

The admin directory is called catalog

 

 

Warning: chdir() [function.chdir]: No such file or directory (errno 2) in /home/sites/website.co.uk/public_html/catalog/admin/check_permissions.php on line 360

Type Name Original permissions Actions / Results

The directory backups exists, so this is OK.

File ./products_new.php 644 OK

.

.

.

1146 - Table 'database.TABLE_COUNTER' doesn't exist

 

select startdate, counter from TABLE_COUNTER

 

[TEP STOP]

 

Note: I have changed the names of website, catalog and database in the above, and taken out all the filenames except the first one.

 

2)The settings for configure.php files sets ALL files which end in configure.php, so therefore it also sets sitemonitor_configure.php to the same setting. Is that intentional? I think you are using *configure.php to identify the configure files.

 

3)It is not possible to set the admin php files different to the non admin php files. It appears to use the non admin php setting for all php files. Has anyone else noticed that?

 

All the best

Lee

Link to comment
Share on other sites

Hi Geoff

Thanks for a great contribution.

I have installed it and it functions fine, but I have a couple of observations.

 

1)I also get the message below.

 

The admin directory is called catalog

 

 

Warning: chdir() [function.chdir]: No such file or directory (errno 2) in /home/sites/website.co.uk/public_html/catalog/admin/check_permissions.php on line 360

Type Name Original permissions Actions / Results

The directory backups exists, so this is OK.

File ./products_new.php 644 OK

.

.

.

1146 - Table 'database.TABLE_COUNTER' doesn't exist

 

select startdate, counter from TABLE_COUNTER

 

[TEP STOP]

 

Note: I have changed the names of website, catalog and database in the above, and taken out all the filenames except the first one.

 

2)The settings for configure.php files sets ALL files which end in configure.php, so therefore it also sets sitemonitor_configure.php to the same setting. Is that intentional? I think you are using *configure.php to identify the configure files.

 

3)It is not possible to set the admin php files different to the non admin php files. It appears to use the non admin php setting for all php files. Has anyone else noticed that?

 

All the best

Lee

 

1. Happened before explanation/solution at about post 5.

 

2. Close, testing last 13 characters, I'll change that to 14 and insist on a preceeding /.

 

3. Had a quick look and can't see that being done, it should have admin and non admin file permission levels.

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

1. Happened before explanation/solution at about post 5.

 

2. Close, testing last 13 characters, I'll change that to 14 and insist on a preceeding /.

 

3. Had a quick look and can't see that being done, it should have admin and non admin file permission levels.

 

G

Thanks Geoff.

Sorry for not getting back sooner.

Ref item 1, I didn't quite follow the reasoning, but will re-read and try to figure it out.

Ref item 3, there are boxes to specify them differently, it just doesn't happen for me. If I set the permissions to be different for admin and non admin, ALL the php files are set to the permissions specified for non admin.

All the best

Lee

Link to comment
Share on other sites

1146 - Table 'dbnnnnnnnnn.TABLE_COUNTER' doesn't exist

 

This error message is thrown when something tries to access the table counter. The capitals normally mean the field has not been "set".

 

It is also normally only used in /includes/footer.php not in admin so there is no entry for TABLE_COUNTER in /admin/includes/database_table.php.

 

I have still not had a real good look to see where the checks are made to see if the script is working on files in an admin directory or not.

 

I wouldn't be surprised if it is to do with the shop not being in / but that is a pure guess.

 

G.

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

  • 1 month later...

Have just uploaded a new version, 1.3.

 

Admin directory name should display correctly.

Corrected problem where the footer from the shop was used.

Files, php and non php, in Admin and non admin directories can be set to different levels.

Sitemap files can be set to different levels

IP Trap directories and files permission levels can be set.

 

Enjoy

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

  • 1 month later...

just a quick question, what is the best setting to have your files on. now i know the checker recommends a setting but is it better to have the settings lower numbers to make it safer where the checker wants to set most files to 755 when i have then set to 644??? What is better?

 

Also if i click update will i have to re-upload all files again if the install of OSC does not like the permission changes?

Thanks in advance!

 

Ben

Link to comment
Share on other sites

  • 4 weeks later...

Hi,

 

Copied / modified the files as per the read me - and am getting the following 404 error

 

"Not Found

 

The requested URL /admin/check_permissions.php was not found on this server.

 

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request."

 

when I put the check_permissions.php in the root directory I just get a blank screen.

 

My shop is on the root rather than in a catalog directory.

 

What have I done wrong ??

 

Thanks

Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Link to comment
Share on other sites

Sorted it now - I didn't realise there were two files to upload - one to admin and one to english.

 

Thanks

Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Link to comment
Share on other sites

This is a great idea this script however i find a very strange issue on a site i tested it on

 

it proceeded to tell e that the php files needed to be set to 755 (they were already set to 644)

 

as an example:

 

File ./account_edit.php 644 Action Required, should be [755]

File ./links_submit_success.php 644 Action Required, should be [755]

File ./create_account.php 644 Action Required, should be [755]

File ./newsdesk_reviews_write.php 644 Action Required, should be [755]

 

this is occuring on all php based files

 

Server is apache 2.2.11 with php 5.2.9 + suphp and suhosin with the public_html set to 751 and chowned to user:user

 

anyone have any ideas whats wrong?

Link to comment
Share on other sites

just a quick question, what is the best setting to have your files on. now i know the checker recommends a setting but is it better to have the settings lower numbers to make it safer where the checker wants to set most files to 755 when i have then set to 644??? What is better?

 

Also if i click update will i have to re-upload all files again if the install of OSC does not like the permission changes?

 

 

Not any php files needs to be set to 755 / 644 works also and no you do not have to reupload them. Change the permissions again with the script or with your ftp client.

Link to comment
Share on other sites

  • 1 month later...

If you get Warning: chmod(): Operation not permitted see http://www.oscommerce.com/forums/index.php?s=&...st&p=406856

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

  • 3 weeks later...

Excellent Contrib!

Really speeds up the process of checking file permissions.

And opens your eyes to permissions security.

 

I'm getting the following error:

 

Warning: unlink() [function.unlink]: No such file or directory in ........./catalog/admin/check_permissions.php on line 337

Edited by computergeek
Link to comment
Share on other sites

  • 2 months later...

Hi

 

Thanks for the great contribution, which I am trying to use on my newly installed shop.

 

I already changed the name of the admin folder, and checking file and folder permissions was the next natural step. Installing your contribution was easy, but it quite doesn't work as expected.

 

I'll explain: I read other users reporting errors, which I didn't get (which is good), but the contrib, even if it does show the status of the permissions on each and every file and folder of the website, it then does not succeed in changing them accordingly.

 

I get, when clicking on the button "update", the following resulsts:

 

The directory backups exists, so this is OK.
Directory 	./includes 	755 	Update failed
Directory 	./ext 	        755 	Update failed
Directory 	./pub 	        755 	OK
Directory 	./download 	755 	OK

 

 

This happens with all the files and directoris that should be modified. I just copy/pasted the first 4, otherwise the post would have been too long (I have 5 languages, in my shop).

The first 2 directories, for exampled, should have been changed to 644, but the update was not possible.

I have to manually change the permission via FTP if I want the contribution to say "OK"

 

Is there something I am missing? Or is this an issue of the contribution?

 

My release is 2.2 RC2a

 

Thanks in advance for your reply.

dunno what to write...

Link to comment
Share on other sites

  • 1 month later...

Someone forgot an inclued or require statement to get the check_permissions.php in english. when I first installed it you can see all the TEXT_CHECK_PERMISSIONS_TEXT_QUESTION_12 stuff instead of what its suppose to say

Link to comment
Share on other sites

  • 5 months later...

Hi

 

Does this contribution work if the Admin file has been renamed. I've renamed mine and Check Permissions doesn't seem to work.

 

Grandpa

Link to comment
Share on other sites

Has anyone got this working on OSCMax? (I realize this is the OSCommerce forum but there are a number of OSCMax folks lurking) I have found that this does not work in OSCMax 2.0.15/.25 out of the box. The configurations need to be changed to match the new Admin panel.

 

In admin/index.php add:

 

array('title' => BOX_TOOLS_CHECK_PERMISSIONS, 'link' => tep_href_link(FILENAME_CHECK_PERMISSIONS, 'selected_box=tools')),

 

in the Box_Heading_Tools array section, it is alphabetical if placed after the line:

 

array('title' => BOX_TOOLS_CACHE, 'link' => tep_href_link(FILENAME_CACHE, 'selected_box=tools')),

 

Or where-ever you like, just not after the close '))))' for that section.

 

I am getting a Write Permissions error at this point so need to find out what I missed... (more needs to be edited):

 

"Access Denied No Write Permission Access Please contact your Web Administrator to request more access or if you found any problem."

Link to comment
Share on other sites

Hi and thanks for the contribution,

I installed it and after pressing the CHECK BUTTON:

There is a big list of .php files that as default have 644 like permission, and the contribution suggest me to change them to 755 to see "OK".

Definitely I'm doing something wrong but it seems that the contribution ask me (action required) in a opposed way to what I read in the forum.

 

Also make sure that all files, except for the two configure.php files have permissions no higher than 644.

 

The permissions for the two configure.php files will vary according to the server your site is on - it could be 644, 444 or 400 which is correct.

 

Permissions on folders should be no higher than 755. If your hosting setup demands permissions of 777 on folders then change hosts.

 

All .php files are at 644 and directories are 755 but the contribuition ask me to change a lot of .php files to 755.

What I'm doing wrong?

I need your advise.

Link to comment
Share on other sites

Someone forgot an inclued or require statement to get the check_permissions.php in english. when I first installed it you can see all the TEXT_CHECK_PERMISSIONS_TEXT_QUESTION_12 stuff instead of what its suppose to say

 

Or you could have missed the step to install the languages file.

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Hi

 

Thanks for the great contribution, which I am trying to use on my newly installed shop.

 

I already changed the name of the admin folder, and checking file and folder permissions was the next natural step. Installing your contribution was easy, but it quite doesn't work as expected.

 

I'll explain: I read other users reporting errors, which I didn't get (which is good), but the contrib, even if it does show the status of the permissions on each and every file and folder of the website, it then does not succeed in changing them accordingly.

 

I get, when clicking on the button "update", the following resulsts:

 

The directory backups exists, so this is OK.
Directory 	./includes 	755 	Update failed
Directory 	./ext 	        755 	Update failed
Directory 	./pub 	        755 	OK
Directory 	./download 	755 	OK

 

 

This happens with all the files and directoris that should be modified. I just copy/pasted the first 4, otherwise the post would have been too long (I have 5 languages, in my shop).

The first 2 directories, for exampled, should have been changed to 644, but the update was not possible.

I have to manually change the permission via FTP if I want the contribution to say "OK"

 

Is there something I am missing? Or is this an issue of the contribution?

 

My release is 2.2 RC2a

 

Thanks in advance for your reply.

 

It should work for any name of the admin directory and should display the name of it.

 

Did you see this

 

If you start getting error messages, Apache is being run as a user that doesn\'t have permissions to change permissions.

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Has anyone got this working on OSCMax? (I realize this is the OSCommerce forum but there are a number of OSCMax folks lurking) I have found that this does not work in OSCMax 2.0.15/.25 out of the box. The configurations need to be changed to match the new Admin panel.

 

In admin/index.php add:

 

array('title' => BOX_TOOLS_CHECK_PERMISSIONS, 'link' => tep_href_link(FILENAME_CHECK_PERMISSIONS, 'selected_box=tools')),

 

in the Box_Heading_Tools array section, it is alphabetical if placed after the line:

 

array('title' => BOX_TOOLS_CACHE, 'link' => tep_href_link(FILENAME_CACHE, 'selected_box=tools')),

 

Or where-ever you like, just not after the close '))))' for that section.

 

I am getting a Write Permissions error at this point so need to find out what I missed... (more needs to be edited):

 

"Access Denied No Write Permission Access Please contact your Web Administrator to request more access or if you found any problem."

 

Have you checked the permissions on the file you are editing?

 

It would appear to be an error on the permissions on this file rather than the contribution.

 

Cheers

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Hi and thanks for the contribution,

I installed it and after pressing the CHECK BUTTON:

There is a big list of .php files that as default have 644 like permission, and the contribution suggest me to change them to 755 to see "OK".

Definitely I'm doing something wrong but it seems that the contribution ask me (action required) in a opposed way to what I read in the forum.

 

 

 

All .php files are at 644 and directories are 755 but the contribuition ask me to change a lot of .php files to 755.

What I'm doing wrong?

I need your advise.

 

You can set the permissions you want to test against on the first screen, the advice on permission levels may have changed since I last amended this or alternatively I might just be prompting with the wrong value.

 

Just change it to the one you want.

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...