After I've updated to Mediawiki 1.29.0, I can't upload any file. When I upload a file, I get this error message:
Could not open lock file for "mwstore://local-backend/local-public/b/b0/1.jpg".
I've chmod the folder images and sub-directories to 755, and verified that the folder images/b/b0 is found and writable.
I'm running on Centos 7.5 and PHP 5.6
Solved by changing images folder permissions to 777 instead of 755
I had the exact same message
Could not open lock file etc
In my LocalSettings.php I commented out $wgUploadDirectory , that according to the documentation at mediawiki documenation for $wgUploadDirectory will make it necessary to also redefine $wgUploadPath
There are other variables which are defined relative to this one. If you redefine this in your LocalSettings.php then all dependent variables including $wgUploadPath will need redefining also. If both these settings are not coherent the files will be uploaded to different folder ($wgUploadDirectory) than from where MediaWiki will try to retrieve it for viewing ($wgUploadPath)!
After commenting out $wgUploadDirectory I could upload and use files.
Related
css is not working after uploading the file on server with filezilla i added file permission 755 on server and even after that it's not working.
I have changed /web/assets/d01711d6/css/bootstrap.css.
css is not working after uploading the file on server with filezilla i added file permission 755 on server after that it's not working.
This may depend on several factors.
Cache
If the application is hosted it may be that it is a problem of the server cache so the new CSS file is read to the cache expiration (sometimes several days). In some cases the provider it provides configurations for enabling a temporary mode that disables this mode and promptly update the files.
Asset Management
Another factor is related to the fact that the directory where content assets are dynamically generated so not always the name of the directory in the development environment and the production server match. It is in these cases to find (looking for it) the actual directory used by the server and replace the file in the right place.
If, as the practice, changes to css file was made in the original directory and not on the copy of the file created by dynamically from asset management, one usually proceeds by eliminating the directory containing the assets of interest and the first subsequent invocation of the application (the URL / link) a new directory of assets is created for these files
I moved the complete yii2 installation from one server to another with the help of FileZilla. Sadly, Filezilla don't keep the file permissions by default, and now I'm facing issues with file / directory permissions. I would like to know what's the file permissions for different directories and files in the yii2 directory hierarchy.
You should not transfer the project this way.
Currently it's the era of version control (especially Git) and Composer.
Once you created you project locally and put it under version control, you push it to your main repository and then deploy it to production server.
No need to use Filezilla or something like that.
If your hoster limits you in that, it's better to switch to another one.
In your current situation comparing and setting permissions manually can be very tidious, some of the permissions are set during init command.
So I recommend to deploy it again using version control and Composer instead of struggling with manual permissions setting.
But just in case, I checked production server, most of the folder permissions are 0755, for files - 0644. Folders like runtime, assets have 0777 permissions and set with init command as I mentioned above.
Locally I use Vagrant and pretty much everything here has 0777 permission.
The source for my Jekyll-powered website lives in a git repo, but the website also needs to have a couple large static files that are too large to go under version control. Thus, they are not part of the Jekyll build pipeline.
I would like for these to simply live in an assets directory in the Jekyll destination (which is a server directory; note that I don't have have any control over the server here; all I can do is dump static files into a designated directory) that does not exist in the git repo. But, running jekyll build deletes everything in the output directory.
Is there a way to change Jekyll's behavior in this case? Or is there some other good way to handle this issue?
Not sure this addresses the specific case in the OP, but seeing as how I kept getting to this page when I finally found an answer here, I thought I'd add an answer to this question in case it helps others.
I have a git post-hook that builds my jekyll site in my webhost when I push to my host, but it was also deleting anything else that I had FTP'ed over. So now I've put anything I need to stick around in a directory (external/ in my case), and added the following to my _config.yml:
exclude: [external]
keep_files: [external]
and now files in external/ survive.
If you upload Jekyll's output directory via FTP to your server, you can use a FTP tool that lets you ignore folders.
For example, my own site is built with Jekyll, but hosted on my own webspace, so I'm uploading it via FTP.
I explained in this answer how I scripted the building and uploading process, so I can update my site with a single click.
In my case (Windows), I used WinSCP, a free command-line FTP client, for this.
If you're not on Windows, you need to use something else, but there are probably other FTP tools out there that are able to ignore folders.
To ignore your assets folder in WinSCP, you just need to put this line into the script file:
(the file which contains the actual WinSCP commands - read my other answer for more information)
option exclude "assets/"
Now you can upload your large assets folder on the server once, and it won't be overwritten/deleted when you later update your site via FTP.
Would you please let me know how to update OJS (Open Journal System). I have installed it on a shared server and I have no access to the shell, only a web interface and control panel (direct admin) is allowed. I think there must be some update button online, But i could not find it.
Thanks
Download and decompress the package from the OJS web site
Make a copy of the config.inc.php provided in the new package
Move or copy the following files and directories from your current OJS
installation:
config.inc.php
public/
Your uploaded files directory ("files_dir" in config.inc.php), if it
resides within your OJS directory
Replace the current OJS directory with the new OJS directory, moving the
old one to a safe location as a backup
Be sure to review the Configuration Changes section of the release notes
in docs/release-notes/README-(version) for all versions between your
original version and the new version. You may need to manually add
new items to your config.inc.php file.
The easiest thing would be to make a new folder on your shared hosts with the latest version. Copy over the config.ing.php, cache, and public folders. If your files is within your OJS folder as well, copy it too (though, you should move it outside the web accessible location).
Then you'll find an option to upgrade the database in the Admin pages.
I have developed a download/upload manager script.
When I upload a file via POST method it is stored in a folder called files, the files folder is within another folder called download-manager.
Now it seems when I upload via the POST method 0666 CHMOD works when I want to rename, delete the file but the download-manager folder and the files folder need to be 0777 CHMOD for this to work. Now can someone tell me if this is dangerous?
1) I got a deny all in .htaccess so nobody can access the files directory via a browser
2) the upload script is protected by a username and password which the person who uses the script will obviously change, so only admins can basically upload, rename, edit, delete files and the records in the MySQL database.
When a file is uploaded a record is added to the database with information like file type, file name, file size etc and then the unique id (auto incremented by MySQL) is appended to the process.php file which gets the file from the directory and mime type etc that is not revealed, the process.php basically does the checks to see if record and files exists and if so forces the download of that file.
Basically the download URL is like: wwww.mydomain.com/process.php?file=57, a check is done to obviously make sure that id exists in the database and that a file exists with the file name stored in the database with that id.
Now all this works fine when uploading the file via a form using POST method but I also added a manual upload so for people who want to upload a file that is larger than the size their webhost allows they can simply upload the file via a FTP program for example and then just add the filename and file details manually themselves via a form in the admin area to link the record with the file. The problem is then a permission issue because if the file is uploaded via FTP or whatever way they upload the file by the php script cannot rename, delete the file if needed in the future as the php script does not have the correct privileges. So from what I gather, the only option is then telling the persons who use the script to change the file chmod to 0777 for it to work, i think that will make it work?
But then I have the problem of 0777 also being executable. The script allows any file type upload as it's a download/upload manager script but at the same time I am slightly confused with all this permissions lark and what I should actually be doing. As php is limited by the max upload size set by a host I want to add manual upload so users can upload the file by another method and assign the file to the database record but then as stated I get a problem when wanting to rename, delete the file via the php script.
I have developed the script to detect such problems and notify the user etc but I would like to try and make this script do all the leg work or nearly all of it without having to state in the manual that the admin will have to chmod the file to 0777 when they want the script to rename, delete the file, although I don't know if just chmodding the file to 0777 will actually allow the php script to the rename, delete it and so forth but also security is then a concern.
UPDATED
Ok thanks so chown the file before chmodding it on upload?
Do i just use chown() around the file and nothing else and that will make it owned by the server process and make it private? as i see you got
chown apache:apache '/path/to/files' ;
Do I need to add the apache:apache bit?
I did think of this as simpler solution, if a admin does a manual upload tell them they will have to rename/delete the file manually if needed in the future because the script won't have the correct permissions to do so, this would then make this a easy solution, as the manualupload script can just rename the db record to keep it linked to the file. That way no worries of file permission issues.
Simply put user changes file manually via ftp for example from myfile.zip to somefile.zip then they edit the db record for that file and change the filename to somefile.zip from the old filename myfile.zip, that way everything is linked still but no worries about permission issues. As I also have been reading that chown() does not always work or cannot be relied on for whatever reason.
1) i got a deny all in .htaccess so nobody can access the files directory via a browser
Store your files in a separate folder, away from the directory structure that houses your PHP files.
As far as the permissions on the directory are concerned, there are three ways to go about setting up the permissions on the folder:
Make it world-writable (chmod 0777 '/path/to/files/')
This is not recommended, as it has major security implications especially on a non-dedicated server; anyone who has an account or can tell a process on the server to write/delete to that folder will be able to change its contents.
Make it temporary (chmod 1777 '/path/to/files/')
This also carries a security concern, but less so than option 1 for the following reason: users cannot modify the directory--only the files they own.
Make it owned by the server process and make it private (chown apache:apache '/path/to/files' ; chmod 0700 '/path/to/files')
This is arguably the best solution.
Just relax & enjoy.
On many shared hostings it's the only possible solution anyway.
There is another option - to ask a user for ftp pass and use ftp for copying files from tmp, like wordpress does. But I think it's even less secure.