If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
(PHP 4, PHP 5, PHP 7, PHP 8)
chown — Changes file owner
Attempts to change the owner of the file filename
to user user
. Only the superuser may change the
owner of a file.
filename
Path to the file.
user
A user name or number.
Returns true
on success or false
on failure.
Example #1 Simple chown() usage
<?php
// File name and username to use
$file_name= "foo.php";
$path = "/home/sites/php.net/public_html/sandbox/" . $file_name ;
$user_name = "root";
// Set the user
chown($path, $user_name);
// Check the result
$stat = stat($path);
print_r(posix_getpwuid($stat['uid']));
?>
The above example will output something similar to:
Array ( [name] => root [passwd] => x [uid] => 0 [gid] => 0 [gecos] => root [dir] => /root [shell] => /bin/bash )
Note: This function will not work on remote files as the file to be examined must be accessible via the server's filesystem.
Note: On Windows, this function fails silently when applied on a regular file.
If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
If you allow sudo execution for chmod by "nobody" (www, webdaemon, httpd, whatever user php is running under)in this manner, it had better be a system on which the owner is able to be root and no one else can run code, else your whole system is compromised. Someone could change the mode of /etc/passwd or the shadow password file.
Other system commands (sudo mount) and so forth are similar.
If you want to chown a symlink, PHP will follow the symlink and change the target file.
If you want to chown the symlink, you have to use shell_exec("/bin/chown user.group symlink");
I've only tested this on Solaris 10 so your mileage may vary.
To allow the apache daemon to change file ownership without being root, add the following line to /etc/system:
set rstchown=0
Reboot the server.
There are security concerns doing this as this modification allows any user to change ownership of their files to anyone else.
For most modern Linux systems your apache user should not be run as root, and in order to change the ownership of a file or directory, you need to be root. To get around this problem you can use sudo, but be careful with what permissions you give. Here is an example which is working for me:
www-data ALL = NOPASSWD: /bin/chown 1[1-9][0-9][0-9]\:1[1-9][0-9][0-9] /home/www/[a-zA-Z0-9]*
This allows the apache server to change ownership of files in /home/www with name containing a-z, A-Z or numbers (note: no subdirectories). The only valid input of userid is a four digit numeric id, between 1100 and 1999.
Hope this helps.
Simple usage of the chown:
<?php
$file_name= "test";
$path = "/var/www/html/test/" . $file_name ;
$user_name = "root";
chown($path, $user_name);
?>
<?php
function recurse_chown_chgrp($mypath, $uid, $gid)
{
$d = opendir ($mypath) ;
while(($file = readdir($d)) !== false) {
if ($file != "." && $file != "..") {
$typepath = $mypath . "/" . $file ;
//print $typepath. " : " . filetype ($typepath). "<BR>" ;
if (filetype ($typepath) == 'dir') {
recurse_chown_chgrp ($typepath, $uid, $gid);
}
chown($typepath, $uid);
chgrp($typepath, $gid);
}
}
}
recurse_chown_chgrp ("uploads", "unsider", "unsider") ;
?>
for older versions.. unfortunately, it seems I do not have permission to perform these functions.