Hi, this looks like a great (active) place!

I have a pretty simple PHP upload script that I'm having trouble with. It uploads successfully, but for some reason the files always end up with the permissions set to 600. This is on a shared server, and FTP uploads to this folder work with no problem, also, uploads via a different script I'm running on the same server work fine, too.

I've tried setting umask, but either I'm doing it wrong, or that's not the issue. I'm pretty well stumped. I would be incredibly grateful for any help!

Here's the script code (in case it helps):

Code:

<?php

class Upload{

var $uploadpassword = 'temppass';   //for you added security againt bots
var $storage_folder = './uploads';
var $site_url       = 'http://www.site.com/uploads';   //must be same as item above
var $filesize_limit = 10485760; //= 10MB in bytes

var $allowed_extensions = array('pdf');  //this checks the files extension but is not enough security on its own, hence the next section below

var $allowed_file_types = array('application/pdf');  //checks files MIME type for added security         
 
///////////////////////////////////////////DO NOT EDIT BELOW THIS LINE /////////////////////////////////                               
var $filename;
var $file_content;
var $filesize_actual;
var $filetype_actual;
var $password;
var $filelink;
var $message;
var $show_error;

//initiate the upload class
///////////////////////////

function Upload(){

$this->password = htmlspecialchars($_POST['password']);
$this->message = '';
$this->filelink = '';
$this->load_error ='';
$this->show_error = false;


//check if form has been submitted
//////////////////////////////////
if (!$_FILES){
$this->showview();
}else{

//Form has been submitted	
$this->filename = $_FILES['myfile']['name'];
$this->file_content = $_FILES['myfile']['tmp_name'];
$this->filesize_actual = $_FILES['myfile']['size'];
$this->filetype_actual = strtolower($_FILES['myfile']['type']);

//check passowrd
if ($this->password != $this->uploadpassword || $this->password ==''){
$this->show_error = true;
$this->message = 'Error - incorrect password';
$this->showview();	
}


//check file has been selected for upload
if ($this->filesize_actual <= 0){
$this->show_error = true;
$this->message = 'Error - please select a file to upload';
$this->showview();	
}


//check file size
if ($this->filesize_actual > $this->filesize_limit){
$this->show_error = true;
$this->message = 'Error - file too big';
$this->showview();	
}

//check file type
if (!in_array($this->filetype_actual, $this->allowed_file_types)){
$this->show_error = true;
$this->message = 'Error - file must be a pdf';
$this->showview();	
}

//check file extension
$file_extension = end(explode('.',$this->filename));
if (!in_array($file_extension, $this->allowed_extensions) || $file_extension ==''){
$this->show_error = true;
$this->message = 'Error - file must be a pdf';
$this->showview();	
}


//check if storage folder is writable
if (!is_writeable($this->storage_folder)){
$this->show_error = true;
$this->message = 'Error - the permissions on the storage directory are incorrect';
$this->showview();	
}


//finished, save file
//////////////////////
$filename_random_code = $this->filename;
$filename_random = $this->storage_folder.'/'.$filename_random_code;
if (!move_uploaded_file($_FILES['myfile']['tmp_name'], $filename_random)) {
$this->show_error = true;
$this->message = 'Error - could not save the file... please try again';
$this->showview();
}else{
$this->filelink = $this->site_url.'/'.$filename_random_code;
$this->show_error = true;
$this->message = 'Success - prayer letter was uploaded!';
$this->showview();
}

//end
}
}



/////////////
//Show page
/////////////
function showview(){

if ($this->show_error==true){

$load_error = '<div align="center"><center><table border="0" cellpadding="0" cellspacing="0" width="653">
    <tr><td bgcolor="#FFFFFF" colspan="2" width="611">&nbsp;</td></tr></center><tr><td bgcolor="#FFFFFF" width="156">
      <p align="right"><b><font face="Arial" size="2">&nbsp; <img border="0" src="icon.gif" width="25" height="25">&nbsp;
      </font></b></td><center><td bgcolor="#FFFFFF" width="493"><font face="Arial" size="2" color="#006699">'.$this->message.'</font>
	  </td></tr></table></center></div>';
} 
	
echo '
<form action="upload.php" method="post" enctype="multipart/form-data" ><div align="center"><center><table border="0" cellpadding="0" cellspacing="0" width="446" height="89" style="border: 1px solid #EBEBEB">
<tr><td width="442" colspan="2" bgcolor="#EBEBEB" height="26"><p align="center"><b><font face="Arial" size="2">Quick file upload</font></b></td>
</tr><tr><td width="114" height="21" bgcolor="#FFFFFF"></td><td width="328" height="21" bgcolor="#FFFFFF"></td></tr></center><tr><td width="114" height="21" bgcolor="#FFFFFF">
<p align="right"><font face="Arial" size="2">password&nbsp;&nbsp;&nbsp;</font></td><center><td width="328" height="21" bgcolor="#FFFFFF"><input type="password" name="password" size="20"></td>
</tr></center><tr><td width="114" height="21" bgcolor="#FFFFFF"><p align="right"><font face="Arial" size="2">upload file&nbsp;&nbsp; </font></td>
<td width="328" height="21" bgcolor="#FFFFFF"><input name="myfile" type="file" size="30" /></td></tr><tr><td width="114" height="21" bgcolor="#FFFFFF"></td>
<td width="328" height="21" bgcolor="#FFFFFF"></td></tr><tr><td width="114" height="21" bgcolor="#FFFFFF">&nbsp;</td><td width="328" height="21" bgcolor="#FFFFFF"><input type="submit" value="UPLOAD FILE" name="B1"></td>
</tr><tr><td width="114" height="21" bgcolor="#FFFFFF"><p align="right"></td><center><td width="328" height="21" bgcolor="#FFFFFF">&nbsp;</td></tr>
</table></center></div><!-- error table -->'.$load_error.'<!-- error table end --><!-- link table --><div align="center"><center><table border="0" cellpadding="0" cellspacing="0" width="653" height="40">
<tr><td height="22"></td></tr><tr><td height="18"><p align="center"><a href="'.$this->filelink.'" target="_blank"><font face="Arial" size="4">'.$this->filelink.'</font></a></td>
</tr></table></center></div><!-- link table end --><p align="center">&nbsp;</p></form>';

die();

}
	


//////////////////
//random code
//////////////////

function randomcode() {
    $chars = "abcdefghijkmnopqrstuvwxyz023456789";
    srand((double)microtime() * 1000000);
    $i = 0;
    $pass = '';

    while ($i <= 15) {
        $num = rand() % 33;
        $tmp = substr($chars,$num,1);
        $pass = $pass.$tmp;
        $i++;
    }

    return $pass;
}


}
?>

I've searched some on Google, and apparently you can't fix this with PHP.
The suggestions I've seen involve using shell-access to chmod the file.

Once you have the file in the final directory, if you can define the filename you should be able to chmod it via php right within the same script that moves it. In the past I have done it but right the call escapes me.

You will be limited by the server settings and 644 or 655 is about all you will be able to do via php.

Thanks, guys! I really appreciate the help.

644 or 655 should work fine- it would at least make the file readable. I'll do some more looking around.

Thanks!

Since I sometimes forget what threads I have posted in, PM me if you strike out and I will find the 2-3 lines of code. Pretty simple though it is just
chmod ($filename 644);

Thank you, colbyt- that's very kind!