Php apache中的权限级别
我正在为我的部门开发一个网站。我在Ubuntu中使用临时服务器apache。我在从文件夹访问文件时遇到问题。我会上传一张照片,它会存储在/var/www/web/uploads文件夹中,路径存储在mysql php数据库中。我在数据库和上面的文件夹中保存路径没有问题,但当我试图在网站中显示时,我无法访问它。它说我不是主人。它将www数据显示为所有者。我知道我应该在终端中更改权限级别。我尽了最大努力,但没有取得任何成果。有谁能帮我更改它的权限级别吗 //这是html代码indeximg.phpPhp apache中的权限级别,php,mysql,apache,web,file-permissions,Php,Mysql,Apache,Web,File Permissions,我正在为我的部门开发一个网站。我在Ubuntu中使用临时服务器apache。我在从文件夹访问文件时遇到问题。我会上传一张照片,它会存储在/var/www/web/uploads文件夹中,路径存储在mysql php数据库中。我在数据库和上面的文件夹中保存路径没有问题,但当我试图在网站中显示时,我无法访问它。它说我不是主人。它将www数据显示为所有者。我知道我应该在终端中更改权限级别。我尽了最大努力,但没有取得任何成果。有谁能帮我更改它的权限级别吗 //这是html代码indeximg.php
<html>
<head>
<title>File Upload with PHP</title>
<link href="styleimg.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="theForm">
<form action="uploader.php" enctype="multipart/form-data" method="post" >
<label>Title
<span class="small">Title of the File</span>
</label>
<input type="text" name="mName" id="mName" />
<label>File
<span class="small">Choose a File</span>
</label>
<input type="file" name="mFile" id="mFile" />
<button type="submit" class="red-button" id="sendmail">Upload (<?php echo ini_get('upload_max_filesize').'B'; ?>)</button>
<div class="spacer"></div>
</form>
</div>
</body>
</html>
用PHP上传文件
标题
文件标题
文件
选择一个文件
上传()
//这是文件加载程序代码
// replace with your mysql database details
$MySql_username = "shwetharao"; //mysql username
$MySql_password = "shwetha"; //mysql password
$MySql_hostname = "localhost"; //hostname
$MySql_databasename = 'semilab'; //databasename
if (!@file_exists($UploadDirectory)) {
//destination folder does not exist
die("Make sure Upload directory exist!");
}
if($_POST)
{
if(!isset($_POST['mName']) || strlen($_POST['mName'])<1)
{
//required variables are empty
die("Title is empty!");
}
if($_FILES['mFile']['error'])
{
//File upload error encountered
die(upload_errors($_FILES['mFile']['error']));
}
$FileName = strtolower($_FILES['mFile']['name']); //uploaded file name
$FileTitle = mysql_real_escape_string($_POST['mName']); // file title
$ImageExt = substr($FileName, strrpos($FileName, '.')); //file extension
$FileType = $_FILES['mFile']['type']; //file type
$FileSize = $_FILES['mFile']["size"]; //file size
$RandNumber = rand(0, 9999999999); //Random number to make each filename unique.
$uploaded_date = date("Y-m-d H:i:s");
switch(strtolower($FileType))
{
//allowed file types
case 'image/png': //png file
case 'image/gif': //gif file
case 'image/jpeg': //jpeg file
case 'application/pdf': //PDF file
case 'application/msword': //ms word file
case 'application/vnd.ms-excel': //ms excel file
case 'application/x-zip-compressed': //zip file
case 'text/plain': //text file
case 'text/html': //html file
break;
default:
die('Unsupported File!'); //output error
}
//File Title will be used as new File name
$NewFileName = preg_replace(array('/\s/', '/\.[\.]+/', '/[^\w_\.\-]/'), array('_', '.', ''), strtolower($FileTitle));
$NewFileName = $NewFileName.'_'.$RandNumber.$ImageExt;
$UploadDirectory = "/var/www/web/".$NewFileName;
echo $UploadDirectory;
//Rename and save uploded file to destination folder.
if(move_uploaded_file($_FILES['mFile']["tmp_name"], $UploadDirectory))
{
//connect & insert file record in database
$dbconn = mysql_connect($MySql_hostname, $MySql_username, $MySql_password)or die("Unable to connect to MySQL");
mysql_select_db($MySql_databasename,$dbconn);
@mysql_query("INSERT INTO file_recordimg (file_name, file_title, file_size, uploaded_date , uploaded_path) VALUES ('$NewFileName', '$FileTitle',$FileSize,'$uploaded_date','$UploadDirectory')");
mysql_close($dbconn);
header('Location: '.$SuccessRedirect); //redirect user after success
}else{
die('error uploading File!');
}
}
//function outputs upload error messages, http://www.php.net/manual/en/features.file-upload.errors.php#90522
function upload_errors($err_code) {
switch ($err_code) {
case UPLOAD_ERR_INI_SIZE:
return 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
case UPLOAD_ERR_FORM_SIZE:
return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
case UPLOAD_ERR_PARTIAL:
return 'The uploaded file was only partially uploaded';
case UPLOAD_ERR_NO_FILE:
return 'No file was uploaded';
case UPLOAD_ERR_NO_TMP_DIR:
return 'Missing a temporary folder';
case UPLOAD_ERR_CANT_WRITE:
return 'Failed to write file to disk';
case UPLOAD_ERR_EXTENSION:
return 'File upload stopped by extension';
default:
return 'Unknown upload error';
}
}
?>
//替换为您的mysql数据库详细信息
$MySql\u username=“shwetharao”//mysql用户名
$MySql\u password=“shwetha”//mysql密码
$MySql\u hostname=“localhost”//主机名
$MySql_databasename='semilab'//数据库名
如果(!@file_存在($UploadDirectory)){
//目标文件夹不存在
die(“确保上传目录存在!”);
}
如果(美元邮政)
{
如果(!isset($_POST['mName'])| | strlen($_POST['mName']))
///输出
<?php
$MySql_username = "shwetharao"; //mysql username
$MySql_password = "shwetha"; //mysql password
$MySql_hostname = "localhost"; //hostname
$MySql_databasename = 'semilab'; //databasename
$dbconn = mysql_connect($MySql_hostname, $MySql_username, $MySql_password)or die("Unable to connect to MySQL");
mysql_select_db($MySql_databasename,$dbconn);
$sql = 'SELECT uploaded_path
FROM file_recordimg';
$retval = mysql_query( $sql, $dbconn );
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
echo "$row[uploaded_path]";
?>
<table style="border-collapse: collapse; font: 12px Tahoma;" border="1">
<tbody><tr>
<td>
<img src="<?php echo $row[uploaded_path];?>">
</td>
</tr>
</tbody></table>
<div align="center"><strong>Success.. File uploaded!</strong></div>
<?php
}
mysql_close($dbconn);
?>
">
成功..文件已上载!
试试这个
在linux服务器上以root用户身份登录。转到您的上载文件夹,并授予777上载文件夹的权限,然后重试可以显示代码吗?您可以通过www.appname.com/uploads访问images文件夹吗?它何时说您不是所有者?从前端获取图像并上载到“上载”“文件夹。但图像被锁定。当我单击属性->权限(图像)时”,它将所有者显示为www数据。它显示我不是上载文件的所有者。但在/var/www/web/uploads之前,我有权访问文件夹。如何以root身份登录?我是这个linux服务器的新手是的,是的,滥用root权限并给每个人写权限…是的是的。实际上不要这样做。这是最糟糕的解决方案。问题出在其他地方。这是一个巨大的安全风险。如果有人可以劫持你的系统或恶意php脚本,他们可以上传/创建一个.sh文件,安装恶意内容,然后从那里正确劫持你的服务器。真的……不要在文件夹上这样做。