-
AuthorPosts
-
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 11, 2014 at 2:34 pm #195685I need help with this problem.
I build my joomla portal with ja university in local (Windows) and use components like JA side news, Ja Slideshow little or K2 thats works fine but when i put my portal in pre-production site (Linux)…
All the things that works on local, works on pre-producion. But when i put a new image in portal and one of this components try to make a resize, returns a error like “Failed to open file for writing”
I supposed that the problem is that the new image is property of “Ftp user” and the components try to work with “apache user”.
If put 777 is imposible for security reasons… what is the best way to make this componets can work fine in pre-production?
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
March 12, 2014 at 10:20 am #526453I would need to take a closer look at your site. Please pm URL, admin and FTP credentials of your site.
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 12, 2014 at 11:18 am #526465Its complicated because the server is in a private network.
I was watching yesterday and some posible situations:
– reinstall the component because the portal is create in one machine and put in other, not install in other…
– put off the ftp
– put 775 in the folder resizedSeems like the principal problen is that /image/resized/ is owner by ftp user and the components try to write there with apache user…
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
March 13, 2014 at 4:11 am #526539It’s best if you contact your hosting provider to check this permission issue for you as I can’t give suggestion without seeing it closely. Please try to grant ‘Write’ privilege for that file/folder.
1 user says Thank You to Ninja Lead for this useful post
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 13, 2014 at 9:06 am #526577The hosting provider says that the structure of folders under “resized” is created with “ftp user” with 755.
When i put a new image on server, try to resize this image with “apache user” and he cant write this resized image in folder.
If we put 775, works, but the hosting provider says that this not is a good solution.
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 13, 2014 at 2:05 pm #526604We was investigated about this and i can add more information.
The template use this components:
– mod_jacontentslider
– mod_jasidenews
– mod_jaslideshowliteThe file “jaimage.php” exist in this 3 components.
When we use some image and add to (for example) /images/stories/example.jpg and try to use one of this componets, they construct a new estructure in /images/resized/stories/
For these, use this function: function makeDir($path) with these instruction
if (!file_exists($tmppath . $folders[$i]) && !JFolder::create($tmppath . $folders[$i], 0755)) {
return false;
}And this folder is owned by “ftp_user”.
Next step is create a new version of image: example_152_200.jpg
But joomla is try to save these image using “apache_user” and he hasnt privileges to write in this folder. The image is not saved and when we show the portal, appears the error “unable to open” because the file not exist.
If we put this:
if (!file_exists($tmppath . $folders[$i]) && !JFolder::create($tmppath . $folders[$i], 0775)) {
return false;
}All works fine, but… if in future we update the components, we lose this change.
In my local (on windows) there are no problem. The problem happens in pre-production in a linux machine
Is correct that the folder will be create with one user and the image with other user?
Its maybe a bug?
Its possible to change the function that create the resize image to use other user?1 user says Thank You to jlmartinez for this useful post
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
March 14, 2014 at 4:28 am #526669You are right, the jaimage.php files in mod_jacontentslider, mod_jasidenews and mod_jaslideshowlite modules is used to resize and create new folder path for resized image.
If Web_user (your account in hosting/server) has full permission 0755 and 0775 on your hosting, they should work well.
I have tested jaimage.php, it can run with folder permission 0755 or 0775. If your site only works with folder permission 0775, you have to change as you mentioned above and backup files in case of future upgrade.
Anyway, it would be best if you can fix it from Web_user(full permission) and do not change permission 0775 of image folder as it causes security risk for your site.
1 user says Thank You to Ninja Lead for this useful post
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 17, 2014 at 8:33 am #526913I have two answer.
First… what its the diferent between a folder with 775 and a webuser with 775. If a bad user wants to make something wrong… In the first case he can do only in resized folder and in the second in all folders… no?
And last. One thing that i dont understand:
1. I put a new image in /images/example/001.jpg -> this is make by ftpUser.
2. I try to public this image in a JA component -> jaimage.php must to work
3. jaimage.php makes a copy of the folder in /images/resized/example/ -> this folder is owner by ftpuser
4. jaimage.php makes a resized copy of 001.jpg and put this in /images/resized/example/ -> this action is make by webuser
The answer is… why the last step is make by webuser? why ftpuser dont finish the last action? If the folder is created by ftpuser, why the resized image is not created by ftpuser?
If the last step is make by ftpuser, all the permisions works fine. only ftpuser (the owner of images) works with images and nobody can make attacks with webuser…
1 user says Thank You to jlmartinez for this useful post
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
March 18, 2014 at 8:17 am #527116I know we share the concern about security risk for your site. Hope my explanation below will help to clarify between ftpuser and webuser
+ ftpuser account on your site has full control over all folders and files on your hosting.
+ webuser is configured from apache server via your hosting site, it only works with php code and all folders and files on your site with view permission. That’s why webuser on your site needs permission 775 to work with folders.
You can ask your hosting provider to help you set the configuration from apache server to grant webuser full control with folder source code on your site and you don’t need to set folders and files to permission 0775.
1 user says Thank You to Ninja Lead for this useful post
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 18, 2014 at 10:02 am #527130Its ok for me… and i try to ask about web user permissions to hosting provider…
Its a personal curiosity… Perhaps i’m very dummy… but…
If i dont be wrong, the class jaimage.php is used for make new folders under resized and to make new resized images from my images…
I dont understand why the action of make folders is do with ftpuser and the action of make images is do with webuser…
This duality is drive me crazy… if somebody could explain me why this works of this way, this person will save my mental heath :p
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
March 19, 2014 at 10:17 am #527323<blockquote>I dont understand why the action of make folders is do with ftpuser and the action of make images is do with webuser…</blockquote>
All actions for web is from webuser, not ftpuser.
jlmartinez
Friend
jlmartinez
- Join date:
- September 2013
- Posts:
- 28
- Downloads:
- 37
- Uploads:
- 3
- Thanks:
- 15
- Thanked:
- 3 times in 1 posts
March 19, 2014 at 11:33 am #527336<em>@Ninja Lead 417110 wrote:</em><blockquote>All actions for web is from webuser, not ftpuser.</blockquote>
Then… make a folder is not a web action but make a image is a web action?
Ninja Lead
Moderator
Ninja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
March 20, 2014 at 11:49 am #527481<em>@jlmartinez 417125 wrote:</em><blockquote>Then… make a folder is not a web action but make a image is a web action?</blockquote>
Please pm me URL, admin and ftp credentials of your site, I will help to check it directly on your site.
-
AuthorPosts
This topic contains 13 replies, has 2 voices, and was last updated by Ninja Lead 10 years, 1 month ago.
We moved to new unified forum. Please post all new support queries in our New Forum