Keyword
Please note that official support for commercial extensions & templates is provided in the Subscriber Help Desk.
Support requests should ONLY be directed there and require an active subscription plan.
This forum board is to be used for archive purposes and knowledge exchange ONLY.

SIG ought to honor the file permissions set in Joomla Config

  • joomar
  • joomar's Avatar Topic Author
  • Offline
  • New Member
More
16 years 9 months ago #12366 by joomar
Hello Joomlaworks-Team,

SIG doesn't care what file/dir permissions the admin has set in Joomla Administrator's Site -> Global Configuration -> [Tab] Server.

The Admin can set what permissions will be used by Joomla to creat files or create directories.

SIG always (hardcoded) creates...

...the temp directory with 755

Line 69 (plugin_jw_sig.php)
// CHECK IF TEMP FOLDER EXISTS, IF NOT, CREATE IT
if (!is_dir($mosConfig_absolute_path.$tempfolder)) { mkdir ($mosConfig_absolute_path.$tempfolder, 0755);}


...all cached files with 644 (or server default settings)

Near line 111 (sigpro_engine.php)
// keep original sizes, i.e. just copy
if ($this->save_to_file) {
   @copy($from_name, $to_name);
}

Near line 156 (sigpro_engine.php)
// save thumb file
$this->SaveImage($ni, $to_name);

Line 156 points to function SaveImage atarting line 20 (sigpro_engine.php)
  function SaveImage($im, $filename) {
 
    $res = null;
 
    // ImageGIF is not included into some GD2 releases, so it might not work.
    // Output png if gifs are not supported.
    if(($this->image_type == 1)  && !function_exists('imagegif')) $this->image_type = 3;

    switch ($this->image_type) {
      case 1:
        if ($this->save_to_file) {
          $res = ImageGIF($im,$filename);
        }
        else {
          header("Content-type: image/gif");
          $res = ImageGIF($im);
        }
        break;
      case 2:
        if ($this->save_to_file) {
          $res = ImageJPEG($im,$filename,$this->quality);
        }
        else {
          header("Content-type: image/jpeg");
          $res = ImageJPEG($im,'',$this->quality);
        }
        break;
      case 3:
        if ($this->save_to_file) {
          $res = ImagePNG($im,$filename);
        }
        else {
          header("Content-type: image/png");
          $res = ImagePNG($im,'',$this->quality);
        }
        break;
    }
 
    return $res;
 
  }


The actual problem is not the permissions, but the fact that these files/dirs are created by the webser (mostly user nobody on UNIX). If that's the case other users, even the owner of the account has no access to those files/dirs. Suppose there were a problem with a gallery, they can't even delete these files or the temp dir. They will get a 'permission denied' error if they try, unless they use a file manager component like JoomlaXplorer, but many people don't.

Some people just rely on the fact, that the files/directories are created as they specified in the Joomla Configuration. And they should be able to rely on that.


The solution is easy (for the most part).

Solution for cached files:
After line 111 and 156 (in sigpro_engine.php) add a chmod command:

Near line 111:
// keep original sizes, i.e. just copy
if ($this->save_to_file) {
   @copy($from_name, $to_name);
   @chmod($to_name, $mosConfig_fileperms); /* Added to change permissions */
}

Near line 156
// save thumb file
$this->SaveImage($ni, $to_name);
// chmod thumb file
@chmod($to_name, $mosConfig_fileperms); /* Added to change permissions */

I am not sure, if you have to convert $mosConfig_fileperms to an octal value first, since is a string and an octal value is expected by chmod.


Solution for temp directory:
In line 69 (in plugin_jw_sigpro.php) replace the 0755 with $mosConfig_dirperms:
// CHECK IF TEMP FOLDER EXISTS, IF NOT, CREATE IT
if (!is_dir($mosConfig_absolute_path.$tempfolder)) { mkdir ($mosConfig_absolute_path.$tempfolder, $mosConfig_dirperms);} /* 0755 replaced by $mosConfig_dirperms */

However, I wasn't able to implement this on our server, even when I hardcoded 0777. For some reason our server was always creating a directory with 755 regardless of the perms that I throw at it.


So maybe a little testing is needed to make this work perfectly and bug free, but I think it ought to be implemented. Since we have the possibility in Joomla to set the permissions that it uses to create files and dirs, extensions ought to honor those settings.

Please Log in or Create an account to join the conversation.

  • JoomlaWorks Support Team
  • JoomlaWorks Support Team's Avatar
  • Offline
  • Platinum Member
More
16 years 9 months ago #12367 by JoomlaWorks Support Team
Replied by JoomlaWorks Support Team on topic Re: SIG ought to honor the file permissions set in Joomla Config
Hi my friend!

This is really smart notice!

We use the standard 777 / 644 permissions for the folder cause many clients don't use linux server.
But your notice it's really important and will check it out immediately!

Thank you!

JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)

Please Log in or Create an account to join the conversation.


Powered by Kunena Forum