From a3cbc3d671b9941e0859bd5e5694a115fde59a57 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 30 Nov 2008 11:48:33 +0000 Subject: [PATCH] Let's face it - the most common setup we see with phpBB is having group-specific settings for external users (FTP, whatever). Changed phpbb_chmod() to set the group bit, even if the PHP user is the owner. (somehow this sounds complicated, i hope you get the idea). git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9131 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/functions.php | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index c83bd2cc72..dad0e468d7 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -96,6 +96,7 @@
  • [Fix] Properly treat punctuation marks after local urls (Bug #37055)
  • [Fix] Make searching for members by YIM address work in prosilver
  • [Fix] Tell users to recreate the search index after changing the common word threshold for fulltext_native (Bug #36345)
    • +
  • [Fix] Adjusted phpbb_chmod() to always set permissions for group bit.
  • [Change] Alllow applications to set custom module inclusion path (idea by HoL)
  • [Change] Handle checking for duplicate usernames in chunks (Bug #17285 - Patch by A_Jelly_Doughnut)
  • [Change] Better handling and finer control for custom profile fields visibility options. (Patch by Highway of Life)
    • diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b96024e4e3..d6f112e8d6 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -462,7 +462,7 @@ function _hash_crypt_private($password, $setting, &$itoa64) /** * Global function for chmodding directories and files for internal use * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions. -* The function determines owner and group from common.php file and sets the same to the provided file. +* The function determines owner and group from common.php file and sets the same to the provided file. Permissions are mapped to the group, user always has rw(x) permission. * The function uses bit fields to build the permissions. * The function sets the appropiate execute bit on directories. * @@ -532,7 +532,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) // Who is PHP? if ($file_uid === false || $file_gid === false || $php_uid === false || $php_gids === false) { - $php = null; + $php = NULL; } else if ($file_uid == $php_uid /* && $common_php_owner !== false && $common_php_owner === $file_uid*/) { @@ -564,12 +564,15 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) { case null: case 'owner': + /* ATTENTION: if php is owner or NULL we set it to group here. This is the most failsafe combination for the vast majority of server setups. + $result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0)); if (!is_null($php) || (is_readable($filename) && is_writable($filename))) { break; } + */ case 'group': $result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0));