PHP opendir

johan_hammy · November 26, 2015, 7:55pm

PHP Warning:  opendir(../): failed to open dir: Permission denied in /chroot/home/betaicsi/beta.ics-il.com/html/search/results.php on line 110, referer: http://beta.ics-il.com/search.php?s=Intelligent

[root@ip22 html]# ls -al /home/betaicsi/beta.ics-il.com/html/total 756
drwxr-s--x 8 betaicsi betaicsi   4096 Nov 26 19:04 .
drwx--s--x 4 betaicsi betaicsi   4096 Jan 18  2015 ..
-rw-r--r-- 1 betaicsi betaicsi   7161 Nov 26 20:24 404.html
-rw-r--r-- 1 betaicsi betaicsi   8672 Nov 26 17:46 about.html
drwxr-sr-x 2 betaicsi betaicsi   4096 Jan 18  2015 bat
-rw-r--r-- 1 betaicsi betaicsi  13063 Nov 22 21:06 business.html
drwxr-xr-x 2 betaicsi betaicsi   4096 Jan 18  2015 cgi-bin
-rw-r--r-- 1 betaicsi betaicsi   8874 Nov 26 18:09 contact.html
-rw-r--r-- 1 betaicsi betaicsi   8457 Nov 22 21:06 coverage.html
-rw-r--r-- 1 betaicsi betaicsi   5634 Jan 18  2015 Coverage.html
drwxr-sr-x 3 betaicsi betaicsi   4096 Nov 26 19:42 css
-rw-r--r-- 1 betaicsi betaicsi   7196 Nov 22 21:06 existing-clients.html
-rw-r--r-- 1 betaicsi betaicsi   2126 Nov 22 21:06 fullscreenmap.html
-rw-r--r-- 1 betaicsi betaicsi 121859 Nov 22 21:03 ICS_coverage.kmz
drwxr-sr-x 3 betaicsi betaicsi   4096 Nov 22 20:46 img
-rwxr-xr-x 1 betaicsi betaicsi  12996 Nov 26 17:57 index.html
drwxr-sr-x 3 betaicsi betaicsi   4096 Nov 26 19:42 js
-rw-r--r-- 1 betaicsi betaicsi  13616 Nov 22 19:29 policies.html
-rw-r--r-- 1 betaicsi betaicsi  11817 Nov 22 21:06 residential.html
-rw-r--r-- 1 betaicsi betaicsi  10938 Nov 22 09:27 residential.html.old
-rwxr-xr-x 1 betaicsi betaicsi    816 Jan 18  2015 robots.txt
drwxr-sr-x 2 betaicsi betaicsi   4096 Nov 26 19:50 search
-rw-r--r-- 1 betaicsi betaicsi    966 Nov 26 19:04 search.css
-rw-r--r-- 1 betaicsi betaicsi   6570 Nov 26 20:23 search.php
-rw-r--r-- 1 betaicsi betaicsi   8321 Nov 22 21:06 services.html
-rw-r--r-- 1 betaicsi betaicsi 449806 Jan 18  2015 WM_CustomerPortal.swf

Is this a chroot issue?

d2d4j · November 26, 2015, 11:46pm

Hi Johan hammy

The issue is permission as it states, and not chroot issue I believe

Have you tried setting php runs as Apache, or if set for Apache, change to iworx

Many thanks

John

d2d4j · November 27, 2015, 1:25am

Hi Johan hammy

Sorry I meant to say also, the failed permission is on the research folder/results so compare the 2 folders for permission and group/user ID, match them and I believe it should then work

Many thanks

John

johan_hammy · November 27, 2015, 4:29am

[root@ip22 public_html]# ps aux | grep httproot      3721  0.0  0.0 103308   860 pts/0    S+   20:20   0:00 grep http
apache    9356  0.3  1.0 441492 42484 ?        S    00:27   3:37 /usr/sbin/httpd -DSSL
root     26371  0.0  0.3 302744 13776 ?        Ss   Nov25   0:03 /usr/sbin/httpd -DSSL
apache   26373  0.2  1.1 442084 43396 ?        S    Nov25   3:20 /usr/sbin/httpd -DSSL
apache   26374  0.3  1.1 443728 45076 ?        S    Nov25   4:52 /usr/sbin/httpd -DSSL
apache   26375  0.2  1.1 441756 43280 ?        S    Nov25   3:48 /usr/sbin/httpd -DSSL
apache   26376  0.2  1.1 443456 44620 ?        S    Nov25   3:39 /usr/sbin/httpd -DSSL
apache   26377  0.3  1.0 429288 40072 ?        S    Nov25   4:11 /usr/sbin/httpd -DSSL
apache   26378  0.2  1.2 438404 49228 ?        S    Nov25   3:41 /usr/sbin/httpd -DSSL
apache   26379  0.2  1.2 447588 49464 ?        S    Nov25   3:25 /usr/sbin/httpd -DSSL
apache   26380  0.2  1.1 442696 43816 ?        S    Nov25   3:08 /usr/sbin/httpd -DSSL
apache   26580  0.2  1.2 446928 48020 ?        S    Nov25   3:50 /usr/sbin/httpd -DSSL
apache   26581  0.2  1.0 441300 42956 ?        S    Nov25   3:09 /usr/sbin/httpd -DSSL
apache   26582  0.2  1.1 442384 43456 ?        S    Nov25   3:21 /usr/sbin/httpd -DSSL
root     26623  0.0  0.0  83060  2948 ?        Ss   Nov22   0:14 /home/interworx/bin/iworx-web -f /home/interworx/etc/httpd/httpd.conf -DSSL
249      27750  0.0  0.1  83520  4400 ?        S    Nov24   0:00 /home/interworx/bin/iworx-web -f /home/interworx/etc/httpd/httpd.conf -DSSL
249      27755  0.0  0.1  83332  4224 ?        S    Nov24   0:00 /home/interworx/bin/iworx-web -f /home/interworx/etc/httpd/httpd.conf -DSSL

I added apache to the betaicsi group and then set access of the html folder to 751.

[root@ip22 html]# groups apacheapache : apache betaicsi

johan_hammy · November 27, 2015, 4:32am

[QUOTE=d2d4j;28055]Hi Johan hammy

Sorry I meant to say also, the failed permission is on the research folder/results so compare the 2 folders for permission and group/user ID, match them and I believe it should then work

Many thanks

John[/QUOTE]

This is the PHP file that’s doing the work. It’s not comparing two folders, but searching the folders for a given text.

<?php

if(!isset($_GET['s'])) {
	die('You must define a search term!');
}


$highlight = true;//highlight results or not
$search_in = array('html', 'htm');//allowable filetypes to search in
$search_dir = '../';//starting directory
$recursive = true;//should it search recursively or not
define('SIDE_CHARS', 80);
$file_count = 0;
$search_term = mb_strtolower($_GET['s'], 'UTF-8');
//$search_term = $_GET['s'];
$search_term_length = strlen($search_term);
$final_result = array();


$files = list_files($search_dir);


foreach($files as $file){
	$contents = file_get_contents($file);
	preg_match("/\<title\>(.*)\<\/title\>/", $contents, $page_title); //getting page title
	if (preg_match("#\<body.*\>(.*)\<\/body\>#si", $contents, $body_content)){ //getting content only between <body></body> tags
		$clean_content = strip_tags($body_content[0]); //remove html tags
		$clean_content = preg_replace( '/\s+/', ' ', $clean_content ); //remove duplicate whitespaces, carriage returns, tabs, etc
	}
	$found = strpos_recursive($clean_content, $search_term);
	$final_result[$file_count]['page_title'][] = $page_title[1];
	$final_result[$file_count]['file_name'][] = $file;


	if($found && !empty($found)) {
		for ($z = 0; $z < count($found[0]); $z++){
			$pos = $found[0][$z][1];
			$side_chars = SIDE_CHARS;
			if ($pos < SIDE_CHARS){
				$side_chars = $pos;
				$pos_end = SIDE_CHARS + $search_term_length;
			}else{
				$pos_end = SIDE_CHARS*2 + $search_term_length;
			}


			$pos_start = $pos - $side_chars;
			$str = substr($clean_content, $pos_start, $pos_end);
			$result = preg_replace('#'.$search_term.'#ui', '<span class="search">\0</span>', $str);
			//$result = preg_replace('#'.$search_term.'#ui', '<span class="search">'.$search_term.'</span>', $str);
			$final_result[$file_count]['search_result'][] = $result;
		}
	} else {
		$final_result[$file_count]['search_result'][] = '';
	}
	$file_count++;
}
?>
<!DOCTYPE HTML>
<html lang="en-US" class="iframe">
<head>
	<title>Search results</title>
	<meta charset="UTF-8"> 	 
	<link rel="stylesheet" href="../css/reset.css" type="text/css" media="screen">		
	<link rel="stylesheet" href="../css/style.css" type="text/css" media="screen">
	<link rel="stylesheet" href="search.css" type="text/css" media="screen">


</head>
<body>
<script type="text/javascript">
;(function(){	
	document.body.onload=resize
	window.onresize=resize
	
	function resize(){
		parent._resize(document.getElementById('search-results').offsetHeight)
	}
})()
</script>


	<div id="search-results">
		<ol class="search_list">
	<?php
		$match_count = 0;
		for ($i=0; $i < count($final_result); $i++){
			if (!empty($final_result[$i]['search_result'][0]) || $final_result[$i]['search_result'][0] !== ''){
				$match_count++;
	?>
			<li>
				<h4 class="search_title"><a target="_top" href="<?php echo $final_result[$i]['file_name'][0]; ?>" class="search_link"> <?php echo $final_result[$i]['page_title'][0]; ?> </a></h4>
				...<?php echo $final_result[$i]['search_result'][0]; ?>...
				<span class="match">Terms matched: <?php echo count($final_result[$i]['search_result']); ?> - URL: <?php echo $final_result[$i]['file_name'][0]; ?></span>
			</li>
	<?php
			}
		}
		if ($match_count == 0) {
			echo '<h4>No results found for <span class="search">'.$search_term.'</span></h4>';
		}
	?>
		</ol>
	</div>


</body>
</html>




<?php
//lists all the files in the directory given (and sub-directories if it is enabled)
function list_files($dir){
	global $recursive, $search_in;


	$result = array();
	if(is_dir($dir)){
		if($dh = opendir($dir)){
			while (($file = readdir($dh)) !== false) {
				if(!($file == '.' || $file == '..')){
					$file = $dir.'/'.$file;
					if(is_dir($file) && $recursive == true && $file != './.' && $file != './..'){
						$result = array_merge($result, list_files($file));
					}
					else if(!is_dir($file)){
						if(in_array(get_file_extension($file), $search_in)){
							$result[] = $file;
						}
					}
				}
			}
		}
	}
	return $result;
}


//returns the extention of a file
function get_file_extension($filename){
	$result = '';
	$parts = explode('.', $filename);
	if(is_array($parts) && count($parts) > 1){
		$result = end($parts);
	}
	return $result;
}


function strpos_recursive($haystack, $needle, $offset = 0, &$results = array()) {               
    $offset = stripos($haystack, $needle, $offset);
    if($offset === false) {
        return $results;           
    } else {
        $pattern = '/'.$needle.'/ui';
	preg_match_all($pattern, $haystack, $results, PREG_OFFSET_CAPTURE);
		return $results;
    }
}
?>

d2d4j · November 27, 2015, 6:08am

Hi Johan hammy

Sorry, I know your script was not comparing 2 folders.

Your document root is public_html, but you could use your HTML folder, so not sure why your grep httproot

I meant for you to compare your doc root folder to your research folder for user ID/group and on your results php file, ensure it has write access, as I think that is where the results are stored

Many thanks

John

johan_hammy · November 27, 2015, 6:48pm

The people that I bought the template from recommended I set my html folder to 755 and that fixed it. Is that safe to do? I figured it was set where it was for a reason.

d2d4j · November 28, 2015, 12:02am

Hi Johan hammy

It is impossible to say as we have no knowledge of you server, environment or websites etc. This is the responsibility for your server admin person.

If it helps, files usually have 644 and folders 755

644 gives owner read/write and users read only

755 gives execute permission as well as 644 permissions, which is needed to access folders

I hope that helps and glad you resolved your issue

Many thanks

John

d2d4j · November 28, 2015, 12:07am

Sorry, the above permissions are for hosting folder only (document root or /html folder)

Please do not use these permissions arbitrary on all folders on server, and if you use the above permissions, you do so at your own risk

Many thanks

John

johan_hammy · November 28, 2015, 5:55am

nods I generally leave things at default unless I have a reason to change them and then limit the changes to the minimum necessary.