PHP: fopen() Permission denied

I am confused with this code:

test.php:

fopen('test.txt','a+');

when I execute it, I get an error:

Warning: fopen(test.txt): failed to open stream:
     Permission denied in /var/www/html/yuelu3/mobile/text.php on line 2

test.txt:

-rwxrwxrwx. 1 jt jt     87 10月  7 20:58 test.txt

where is the problem?

Th开发者_如何学Goanks a lot!I have found the problem,I use FC13,because of the protect of SELinux,some action is denied.So, I just need to get rid of the protect.

This issue can also be a result of having SELinux enabled. This can be solved using:

chown -R apache:apache /var/www/html/directory_to_write
chcon -R -t httpd_sys_content_t /var/www/html/directory_to_write
chcon -R -t httpd_sys_rw_content_t /var/www/html/directory_to_write

Edit:

You can find the old explanation at https://web.archive.org/web/20150927091100/https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/sect-Managing_Confined_Services-The_Apache_HTTP_Server-Types.html or https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_confined_services/sect-managing_confined_services-the_apache_http_server-types

However if you are on anything like Redhat 8 or newer, you might want to follow https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/using_selinux/configuring-selinux-for-applications-and-services-with-non-standard-configurations_using-selinux#customizing-the-selinux-policy-for-the-apache-http-server-in-a-non-standard-configuration_configuring-selinux-for-applications-and-services-with-non-standard-configurations

try

fopen('/path/to/file/test.txt','a+');

as

fopen('test.txt','a+');

is most likely looking in another directory

I have been receiving the same error "failed to open stream. permission denied"when trying to write a file on the server using PHP. I tried everything on the internet to fix the error. I changed ownership of the files,directories and sub-directories on the server to "apache", I did a chmod 777 on all the files, directories, sub-directories, I ran restorecon -R, I ran chcon unconfined_u:object_r:httpd_user_content_t:s0 on all the files, but the only thing that seemed to work is turning SELinux off completely.

I finally resolved the issue. The problem lay in the boolean parameters used by SELinux. I performed the following command to get a list of all the booleans related to httpd.

$ getsebool -a | grep httpd

This gave a list of about 36 parameters.

I painfully went and turned on every boolean using the setsebool command until the "failed to open stream. permission denied" error went away.

When I turned "on" the httpd_unified boolean, the error went away!! When I turned it "off", the error came back!!

Use fopen($_SERVER['DOCUMENT_ROOT'].'test.txt','a+');

Paths always cause issues when trying to open files. An easy way to avoid having any problems when you are attempting to open files is by checking what directory you are in, and where you are making the call to.

echo getcwd();

Create a simple PHP page and make a call print the current directory. Drop the PHP page into the same directory as the file, and it will tell you the correct path to the folder and then just add on the /filename.xxx.

Check the SELinux context mode of the file to be sure it is set to: httpd_user_content_t

...If it's not, use:

chcon httpd_user_content_t test.txt

...to correct the problem.

I'm using an Apache HTTP server v2.4, I think the following method will work for most people on linux:
first thing check who is the user running 'httpd'.
It is daemon in my case, and I'm not sure if it is the case for everybody. you can do so using:
ps -ef | grep 'httpd'

once you're sure that the user daemon is the owner of the process httpd, change the owner of the folder in which you want the permission to write to deamon

sudo chown daemon /path/to/folder

this will change only the user, the group of that directory remain unchanged. if you want the group also to be able to write, make sure that it has write permission

sudo chmod g+w /path/to/folder

In my case these steps helped me:

• Verify the process user using this command ps -ef
• Result could be:

UID        PID  PPID  C STIME TTY          TIME CMD
www-data    18     1  0 15:43 pts/0    00:00:00 apache2 -DFOREGROUND

• Add www-data user as owner of /var/www/html/ folder

chown -R www-data:www-data /var/www/html/

Worked perfectly in a Docker running some version of PHP, but when I switched to Xampp for a quick test (since MySQL actually out of the box runs faster in Xampp) it stopped working. So this solved the task, just including the actual path to the file. This is most likely just due to different environment variables that varies in different versions and settings.

$filepath =  __DIR__ . DIRECTORY_SEPARATOR;
$in = fopen($filepath . 'test.txt','a+');

In my case the reason was: "0644" permission for the file instead of "0777" (after moving from another hosting).