integralworship Posted August 5, 2006 Share Posted August 5, 2006 When I try to write to my index.php file, it says that i don't have the correct user permissions. How do I go about changing those so I can change the store homepage text? Thanks! Link to comment Share on other sites More sharing options...
integralworship Posted August 5, 2006 Author Share Posted August 5, 2006 Hey guys, I still haven't gotten any help with this. I would really appreciate it cause I would love to get my store up and running! Thanks Link to comment Share on other sites More sharing options...
landjet Posted August 6, 2006 Share Posted August 6, 2006 I'm having the same problem when I try to change index.php through the tools- file manager window, or any function of the file manager tool. In most cases, I get this error: Error: I can not write to this directory. Please set the right user permissions on: /home/biobased/public_html/catalog//images All CHMOD settings have been checked. What I don't understand is the "//" after the catalog directory. These show up in all pages of the file manager if I move to any directory within catalog. If I try to edit any .php file, I get the following error: Warning: file(/home/biobased/public_html/catalog//.ftpquota): failed to open stream: Permission denied in /home/biobased/public_html/catalog/admin/file_manager.php on line 147 To me anyway, the 'double slash issue' seems to be the problem or part of the problem. But then again, thinking can be a dangerous thing - and mastering .php files is not my gift in life, so time to ask for help before I change too much and can't get the site back. Any insight or help would be greatly appreciated. Thanks in advance. Link to comment Share on other sites More sharing options...
landjet Posted August 6, 2006 Share Posted August 6, 2006 Warning: file(/home/biobased/public_html/catalog//.ftpquota): failed to open stream: Permission denied in /home/biobased/public_html/catalog/admin/file_manager.php on line 147 file_manager.php,v 1.42 2003/06/29 22:50:52 <?php if ( (($action == 'new_file') && ($directory_writeable == true)) || ($action == 'edit') ) { if (isset($HTTP_GET_VARS['info']) && strstr($HTTP_GET_VARS['info'], '..')) tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); if (!isset($file_writeable)) $file_writeable = true; $file_contents = ''; if ($action == 'new_file') { $filename_input_field = tep_draw_input_field('filename'); } elseif ($action == 'edit') { if ($file_array = file($current_path . '/' . $HTTP_GET_VARS['info'])) { ***<---LINE 147*** $file_contents = addslashes(implode('', $file_array)); } $filename_input_field = $HTTP_GET_VARS['info'] . tep_draw_hidden_field('filename', $HTTP_GET_VARS['info']); } ?> Link to comment Share on other sites More sharing options...
integralworship Posted August 7, 2006 Author Share Posted August 7, 2006 Yeah thanks for getting the specifics in...maybe this way people will be able to help us more. I was wondering if there's just some sort of administration settings that I missed. But I doubt it. Please help. Thank YOU! Link to comment Share on other sites More sharing options...
NewToosCo Posted November 21, 2007 Share Posted November 21, 2007 When I try to write to my index.php file, it says that i don't have the correct user permissions. How do I go about changing those so I can change the store homepage text? Thanks! Same error... Need help here. Link to comment Share on other sites More sharing options...
Guest Posted November 22, 2007 Share Posted November 22, 2007 Same error... Need help here. I don't understand what you guys are trying to. Write to the index.php file? Are you trying to do do this via the filemanager. If so, don't. FTP the files to your pc, edit with a test editor, and ftp them back to whence they came. Link to comment Share on other sites More sharing options...
Rasmussen Group Posted December 7, 2007 Share Posted December 7, 2007 I don't understand what you guys are trying to. Write to the index.php file? Are you trying to do do this via the filemanager. If so, don't. FTP the files to your pc, edit with a test editor, and ftp them back to whence they came. If we are not supposed to be able to edit files using the File Manager, then why in the hell is there an 'Edit' button? Link to comment Share on other sites More sharing options...
TKdiesel Posted December 8, 2007 Share Posted December 8, 2007 If you edit the file with the file manager and make a fubar then where is your backup file? Before I make changes I make a copy like "index.orig.php" and keep one on the server and one on my hard drive as my backup just in case. I would think not being able to edit with the file manager is a good thing. Just my opinion, I could be wrong Tom Link to comment Share on other sites More sharing options...
Rasmussen Group Posted December 11, 2007 Share Posted December 11, 2007 The thread isn't about best practices. It is a valid question that deserves a reasonable answer. The fact remains that the File Manager has an 'Edit' button and the edit button should function (if someone chooses to do so) or be removed from File Manager. The feature should be no different than someone editting a file from any other FTP client. However, FTP clients connect through the FTP port and not http. They actually log in to an FTP account so that the server authenticates who the user is and can therefore grant read, write and execute permissions accordingly. The best answer to the question is: In order for the File Manager to be able to edit files directly through the browser, you would need to change the permissions on all the files you wish to be able to edit in order to allow for write access which is a pretty big security risk. It exposes the files to be written by anyone and is therefore not recommended. But if you really wish to edit your files through osCommerce's File Manager you'll need to make the file permissions at least -rwxrw-rw or 766 (this is because the server cannot identify the user through the browser so you have to give write permission to the world). If I am wrong, someone please share a better answer for this, as I too would be interested in this very same functionality. Sometimes, I just want to make a quick change from out in the field where I don't necesarily have an FTP client to use (I realize I could use command line FTP, but I don't always have usernames and passwords for FTP accounts with me). It would be pretty cool if I could go in and securely make changes to the site. Of course I would need to remember that the files on the server have been changed and should be downloaded back to my PC when I return to my office so that I don't have version control issues (or backup issues - Tom). Link to comment Share on other sites More sharing options...
reformedman Posted December 11, 2007 Share Posted December 11, 2007 The thread isn't about best practices. It is a valid question that deserves a reasonable answer. The fact remains that the File Manager has an 'Edit' button and the edit button should function (if someone chooses to do so) or be removed from File Manager. The feature should be no different than someone editting a file from any other FTP client. However, FTP clients connect through the FTP port and not http. They actually log in to an FTP account so that the server authenticates who the user is and can therefore grant read, write and execute permissions accordingly. The best answer to the question is: In order for the File Manager to be able to edit files directly through the browser, you would need to change the permissions on all the files you wish to be able to edit in order to allow for write access which is a pretty big security risk. It exposes the files to be written by anyone and is therefore not recommended. But if you really wish to edit your files through osCommerce's File Manager you'll need to make the file permissions at least -rwxrw-rw or 766 (this is because the server cannot identify the user through the browser so you have to give write permission to the world). If I am wrong, someone please share a better answer for this, as I too would be interested in this very same functionality. Sometimes, I just want to make a quick change from out in the field where I don't necesarily have an FTP client to use (I realize I could use command line FTP, but I don't always have usernames and passwords for FTP accounts with me). It would be pretty cool if I could go in and securely make changes to the site. Of course I would need to remember that the files on the server have been changed and should be downloaded back to my PC when I return to my office so that I don't have version control issues (or backup issues - Tom). Your answer was good but I'll only add that in the older versions of osc anyone could make their way to the admin of anyone's osc site through and easy exploit trick. The ability to edit through manager was then removed. I used to have a site under that early revision model and anyone was able to edit my filemanager files. After ability to write through filemanager editor was removed, the exploit was fixed but the editing ability through manager was never restored. Oopsy on the osc-developer's part. man of a reformed faith. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.