Problem writing files to server

software development

#1

I’m into my 8th hour waiting for a reply from tech support so I’m hoping someone in here might tell me if they have had any issues with scripts not being able to write to the server eventhough the permissions are set correctly on the files.

here is what I sent tech support:

Message from you (Oct 28th, 2006 - 09:44:10 / #1574745)
chmod does not work to be able to save files?

I am installing a proven php script and I am setting the permissions correctly, but the script is unable to save the changes. I had one of the tech support guys from the script company ftp to my account because he thought I was just not doing it right but then he came back puzzled and said:

“I even made sure the chmod settings were correct, and no matter what, they will not save. You are going to have to get with your web host and ask them why you can not save any files. Tell them that chmod does not work for your account to be able to save files”

“this is an issue on their server and with your account. These settings even save on a windows server so I know this is a problem with your account. I promise you that this has nothing to do with what you may have done or not done. I have personally installed this same application on about 2000 other machines (servers) both windows and linux, bsd so I know this application like the back of my hand and this is a problem with their server.”

“Just have them check the account for you. Your not asking them to install the script, just to make sure that you are able to write to
files on the server to be able to save your config.”

…so anyone know if their are any known issues at dreamhost that might explain this? I know when I tried to import some sql files I got an error until the script guys dug out some alternate tables, so I’m wondering if there isn’t something going on security wise that is screwing me up.

…anyone??? I don’t know crap about scripts so I leave it up to the people who sell them to install them… and when they cant do it, I get worried


#2

I found this:“Dreamhost runs cgi under suexec (which means that cgi runs as, and with the same permissions as, your user). For most software, this means that 755 is the permission you should have set on directories you need the software to be able to write to (even if the software’s instructions say something else, like 777 or 666)!”

then again in another thread: "Irrespective of the instructions that came with the forum, set your permissions on the upload directory to 755 on Dreamhost (it’s a quirk of DH use of suexec - and it is a “good thing"tm for security).”

…I gave it a whirl… nothing. this is what my instructions said:
Here are the chmod settings required to work properly:
444 - mainfile.php
777 - all cache folders and subfolders of cache folders (including all those in every new module you install)
666 - all files in every cache folder and subfolder of a cache folder (except the index.html files which can be left at 644)
755 - all other folders
644 - all other files


#3

It would help a lot if we knew what script you were having the problem with. Is the code encrypted in any way? Does it require a particular version of PHP? My experience, having been with Dreamhost since 1998, is that I have never had a problem writing to the server “even though the permissions are set correctly on the files”. The problem is that there are some “different” permission settings that come into play because of the way Dreamhost is set up, and I have had problems writing to files (and even running the scripts themselves) on many occasions when using the permissions recommended by the author of a script or in their instructions.

Dreamhost uses suExec to run CGI scripts as “your” user, instead of running them as the server, and this changes what you should set as your permissions when using a script on Dreamhost. PHP on Dreamhost runs as PHP-CGI, hence this is a consideration.

For example, even if a script’s instructions require that a directory be set to 777 or 666, doing this will often “break” scripts on Dreamhost, where you generally should set permissions on directories to 755 and file to 644 (even if they need to be written to).

Many “script companies” don’t realize this and mistakenly advise you to set your scripts up with permissions that don’t work properly on Dreamhost.

Additionally, Dreamhost’s PHP-CGI installation has certain functions disabled, for security reasons, and, while I can’t know for sure if this could be part of the problem as I can’t see the code, if the script is trying to use any of these disabled functions to write to a file, the script will, of course, break.

There is considerable information about all this in the Dreamhost wiki - search for php cgi etc., and you will many articles about the “nuances” involved with running PHP on Dreamhost.

Dreamhost also allows you to decide whether you want to run your domain under “Extra Web Security”, which is just Dreamhost’s way of referring to mod_security. If your domain is set to run this way, there could be some effect on some scripts as a result of that. It is really hard to tell exactly what the interactions of mod_security are, as they are determined by “rules” that Dreamhost has instituted as they see fit and are not made public (a bit of “security by obscurity” at play there, I suspect). You can disable this setting for your domain if you choose (Manage Domains-“Edit” next to the domain name, from the control panel)

All that being said, I have yet to encounter a “mainstream” script that simply could not be run on Dreamhost, though you may need to compile your own version of PHP, or go through other machinations to get to to work.

As for the script being “proven” - that’s a pretty broad, and subsequently, meaningless statement, as many scripts need to be “tweaked” or installed in a particular manner to work in slightly different PHP environments. What works fine on server A might need considerable adjustment to work on the configuration of PHP on server B. I know that is frustrating, but that is the current state of affairs with PHP in general, as different versions, configurations, and installations of PHP abound. If a programmer takes the proper steps to account for such things when coding the program, many of these types of problems can be avoided, but many php programmers do not code for portability across different types of PHP installations, or for that matter even across different versions of PHP. There is a recent thread in this forum concerning the PHPFootball program where an example of this is well demonstrated.

I realize that my post doesn’t get your script running, but I think it does address the kind of problem you are having. If you share some details about the script, I’d be happy to visit the website, check out the installation instructions, and/or the system requirements to see if there are hints there that might have a bearing on your difficulty.

–rlparker

Edit: Oops! Looks like our posts “crossed in the ether”, as your update wasn’t online before I started typing my reply…Your update makes me think you are on the right track :wink: What forum are you trying to install, and is it Open Source or proprietary? :wink:


#4

There should not be any reason when running PHP on Dreamhost for you to set any files or folders to 777 or 666, so I’d start there…

–rlparker


#5

dogboy,

just a few additional thoughts, with the purpose of reinforcing the old caveat, “don’t believe everything you read” :wink: :

(emphasis is mine)

You have to wonder about the “correctness” of this response - “windows server” permissions work in a different way, and “These settings” are not relevant in that environment. Also, it appears none of those “about 2000” other servers were Dreamhost Debian running PHP as CGI under suEXEC.

Well, he may know the application intimately, but he obviously doesn’t know enough about “their server” to make such a statement; he may believe that to be true, but his “belief” can, in actuality, only be a suspicion as he does not know the relevant particulars of the Dreamhost set-up

[quote]Just have them check the account for you…just to make sure that you are able to write to
files on the server to be able to save your config."[/quote]
This, of course, never hurts. Just don’t be too surprised if the DH tech support response is “There is nothing wrong with the server” :wink:

–rlparker


#6

wow! I can’t thank you enough for writing all that out. let me read over everything and then I’ll respond… but thank you so much for your thoughts.


#7

[quote]what script you were having the problem with

[/quote]

it is a ‘myspace clone’ if you will… it is located in this directory:
http://www.peace-train.org/members/
…but it will forward you to a module, which is set by default. Case in point, if the gui admin panel accepted my changes to the checkboxes, I could edit where it lands you. See what I’m saying? no errors, it just returns me back to the same page like nothing happened… and funny enough, nothing did:)

[quote]Is the code encrypted in any way?
[/quote]

no. in fact its (mainly) open source

[quote]Does it require a particular version of PHP?
[/quote]

5

[quote]Dreamhost’s PHP-CGI installation has certain functions disabled, for security reasons

[/quote]

THIS concerns me too… I was seriously thinking along those lines.

…I don’t know… I’m just a simple webmaster with a headache:) time for me to get some sleep:) Hopefully they will respond by morning. I’m just bummed its taking this long… its midnight now and I’ve been going in circles all day.


#8

dogboy,

Believe me, I know how frustrating this stuff can be; some times things do work better after a good night’s sleep (or a few drinks!) and a “fresh start” on a new day.

From the information in your last post, here are a few things I suggest you consider:

1)As for “encrypted” or “open source”, there are a couple of issues here you might want to clarify. The program you are trying to run (PHP MySpace Gold Edition 8.04) is represented by those who sold it to you as not being “open source” in the GNU/GPL sense, and is subject to a licensing agreement agreement according to the FAQ (though I cannot find a copy of the license for that particular product on the author’s website). The fact that you can “read the code” is not really what I meant by “Open Source”. What this means in practical sense is that you may/may not be able to legally modify the code you purchased without the author’s permission, and you should check your license or contact the author to clarify that point.

Side note: I wonder how long they will be able to get away with using “MySpace” in their product title - especially given that the software purports to be a MySpace clone - I’m suspecting the MySpace “lawyers are on their way!” to visit them soon, and the authors had best bring “lawyers, guns, and money” of their own if they intend to defend themselves) :wink:

  1. According to the author’s FAQ, they indicate that “Most of our software is not encoded in any way, however there are some titles that we have encoded to protect our product.” You need to clarify whether or not any of the parts of the program you are trying to use are encoded, and if so, how.

  2. While you indicate that the program requires PHP5, the FAQ on the author’s website states:

[quote]PHP 5 Issues
A. If you are running PHP 5 on your server you may have issues with some software. Most software (not just ours) are not written to support PHP 5 as this version is still very new and most developers are waiting to see what if any bugs are going to be found. If you ordered software from any one of our sister sites and are running PHP5, please submit a ticket to the support desk requesting a version of the software for PHP 5.[/quote]
I don’t see this an an encouraging sign, and I suggest you investigate this issue with them specifically. Unless they have provided you with a “PHP5 version”, you could always try resetting your domain at Dreamhost to use php 4.4.2 and see if that works. Even if they have provided their PHP5 version, you might request, and try, their “standard” PHP4 version, and run it under PHP 4.4.2 to see if you have better results.

4)Further inspection of their FAQ, reveals a completely “nonsensical” discussion of register_globals, and an downloadable .zip file containing an .htaccess file designed to set register_globals to “on” - this is “Bad Mojo” for security and the Dreamhost installation of PHP5 is set by default to operate with register_globals set to “off” for good reason. The .htaccess they offer will not work on Dreamhost - to get around this restriction (and I strongly advise that you do not do so), you will need to compile your own version of PHP5, revert to PHP4.4.2, or use your own instance of PHP5 with a customized php.ini (discussed in the wiki). Using PHP 4.4.2 is easy enough to do, but the other two alternatives will likely prove to be “difficult” for you given your description of your scripting skills.

In summary, what I suggest you do is to gather all the information you can about the Dreamhost environment (I’d run a phpinfo program from within my domain and provide them the output). You can also point them to the Dreamhost Wiki for any additional information they need. They should be able to tell you if it will or will not run in the Dreamhost environment with that information. IMHO, if it will not run on Dreamhost, they should refund your money, but these types of companies are often very difficult to obtain refunds from, and their FAQ is not encouraging. I think it is also “uber bad” that they don’t show you the license or confirm the encoding status of each program before you buy, but it’s a little late to worry about that now :wink:

Lastly, and please don’t think that I am trying to be “hard” on you here, but when evaluating a script you are considering purchasing, I strongly suggest you remember that Google is your friend™. The search I linked would be more than a little discouraging to me, as results from the first page show:

it appears to be hacked version of Xoops/e-Xoops, that doesn’t work for this poster - one encouraging point: if that is true, than maybe you can “argue” that the GPL license applies, which might let you legally “hack” at the code.

more of the same, but with threat of legal action from Xoops developer

myspace clone (Php MySpace Gold) …from p*pscript.com this time, and it doesn’t work either. It is loaded with bugs.

…problem reports from the last 90 days or so, scattered among ads for the product by “affilliates” of every ilk. As you browse/search further the news only gets worse :frowning: .

general thread about p*pscripts.com By then, I’d read enough.

I’m afraid that you are going to have to rely upon the people that sold you the script for the bulk of the support you get, and I doubt that Dreamhost will be able to help you too much as supporting 3rd Party scripts is not their function. Frankly, I’m still willing to answer an occasional question on this installation in the interests of helping you, but this baby is likely to be a mess.

You might try running it under PHP4.4.2, as suggested, and talking more with the people who sold it to you. Good Luck!

–rlparker


#9

There appears to me to be significant evidence that the software product you are attempting to install (PHPMySpace Gold) is being distributed illegally in violation of the GPL. :frowning:

Herko Coomans, the former Xoops.org Project Manager, and presently the Chairman of the Xoops Foundation, has obtained and reviewed the code in question and is working with the Software Freedom Law Center to get this issue resolved.

As of September 19th, 2006 he is badly in need of a copy of the “license” or “terms of use” that were delivered to a purchaser of this product.

A detailed, though lengthy, history of this issue can be found in this thread on the Xoops.org website. Please take the time to read through the whole thread (and the other thread from Xoops.org listed in my previous post) so that you fully understand what is at issue here, and consider responding to Mr. Coomans with any correspondence or documentation you have regarding your purchase of this product and subsequent contacts with those who sold it to you.

While I know it must be discouraging you to find yourself trying to install this code, that I presume you purchased, only to encounter the kinds of problems you are having, I encourage you to “do the right thing” and follow up on this :wink:

–rlparker


#10

Now for a little “encouraging” news:

You might want to check out AROUNDme: An Open Source PHP MySpace Clone that is under heavy developments, is truly “Free” (GPL and “free as in free beer”), and is available at BarnRaiser.org

–rlparker


#11

Given the circumstances involving this software package (see my preceding posts on this thread), I most strongly suggest you ghange the password on that account immediately.

–rlparker


#12

hey, once again, I am indeed indebted to you… but I need to say a few things though…

first off, I am not a coder at all. But I have made a living online since 96 as an SEO, so I know which end is up enough to know that when things get technical (from a script standpoint) I need paid help. Installs, customization, backup, whatever. Same with code. I usually buy it from people that can install it or at least have an outsourced install service and support it.

this time is different…

I’m still in debt from some ‘intellectual theft’ myself that happened to me 2 yrs ago, and I don’t have money to just throw at this project because I’m not defining its future ‘success’ financially… so I’m kinda stuck being blind and dealing in stuff I know I shouldn’t be. In the case of popscript, they seemed to be the only place I could find to offer what I wanted, so I paid them, instead of getting one of the warez hacks, because even if I’m broke that isnt my style. And, so far, my experience with them from a support standpoint has been truly excellent.

3 out of 3 people from Popscript that I had interactions with have gone out of their way to help me in a timely, professional, and COURTEOUS manner… they even offered to call me to walk me through something and then actually DID, a minute after I gave them my number. You know what I’m saying? Friendly, helpful, cheerful people. That is SO rare for some reason. (Granted, your generosity is even more rare:)

But still… I guess my point is I’m waiting 20hrs to get a reply from the first of 4 DH trouble tickets. I have been here for about a year, never asked them for anything, always paid in advance… if they want money for tech support, bill my card, but just give it to me. Maybe it IS a debug issue, maybe they should say unequivocally that it is (after they check the account like I asked them) and then give me a rediculous per hour fee to fix it, and let me decide… but to leave me hanging? lame. Whether or not I get my script to work, that is reason enough to question getting out of here…

as far as them violating terms, here is my understanding… I am bought a script that is partly THEIRS and part open source. one on one support was included in the price. And as far as I know, thats what I got… and if I could get it to run on this server, I’d be very happy with my money spent:) Again, you have to remember, a big open source website full of information does NOT look inviting to me… it TERRIFIES me. The only benefit of it to ME, is that it means it reduces the cost of having a custom script created just for me. The script has open disclaimers all over it so they did NOT remove them. If I wanted to I’m allowed to duplicate this as many times over as I want… I just cant use their images or text. Fine with me.

For example, how much would a myspace clone cost me if it was done from scratch to my specs? $10k? twice that? Now, what if I could get 95% of it for free? Even if I dropped another $1k on customizing it, I’m still ahead, you get me? But if you didn’t figure it out already, I cant give you the code to look at because I dont know what I’m looking at:) You are offering ‘free help’ right now, but I can’t make use of it… you see what I’m saying? I need to hire you so that you can talk to me, so you can go talk to someone like you, get free help, AND know what to do with it:) That’s MY problem. ehheeheh Maybe the REAL problem is even though volunteer projects still pay the same as they did when I got out of school, they haven’t adjusted for the increase in the cost of living;)

ok… I just wanted to let you all know there is always 2 sides to stories and from the links you pointed out it sounded like only one was being told. The guy that complained about support sounds as if he bought a stolen version and they were refusing to support it. Sounds like the other stuff should be decided in arbitration or court, but definitely not decided by me. If they want to package open source up into a nice, neat, useful package, support it, and take away that open source feel/freedom that you all thrive on, and CHARGE me for it, I’m willing to buy it, even knowing their is a ‘free’ alternative right next door because ultimately I’ll waste more time in there trying to get around, and I’ll need to hire people to make things work anyway.


#13

I went back and looked over my only other ‘support history’ in my DH account admin, and saw where another installer was having trouble with another script and I was relaying information I didnt understand… now maybe it makes more sense… here is what I edited together:

Q: “your host doesn’t allow file open which affects a number of the scripts.
ask them if they have “cURL” installed. usually if they don’t allow
file access they’ll provide cURL. And is register_globals off? and if so, ask if you can turn it ‘on’ for a specific directory?”

A1: You have two options: 1) use cURL or 2) set up your own php.ini so that
the option needed can be enabled.

A2: Register_globals is on with PHP 4 and off with PHP 5. These are our
defaults, though, and can be changed if you set up your own php.ini file. You, can compile your own version of php and use which ever settings you want. Here are instructions: http://wiki.dreamhost.com/index.php/Installing_PHP5


#14

I just got a nice auto reply from dreamhost, which was unexpected and appreciated:

"This is just a note to let you know that although it’s almost been
24 hours since you sent in your message, we haven’t forgotten about you!

"We strive to answer all questions within 24 hours, but due to the
large number of questions we have right now we’re afraid we may have to go over a bit this time. :frowning:

"Please hang in there and we’ll be getting back to you as quickly
as we possibly can!

“Our apologies again, and we appreciate your understanding.”

…that’s cool of them.


#15

RE: Barnraiser

Thanks for the tip, rlparker! I never would have had the confidence to just “go for it” without you and all the other great users of this forum.

I usually keep notes when I am doing this stuff, so I’ll try and provide a simple tutorial at some point for anyone who needs it.

While setting up the database I noticed this little piece of text. Wonder how often this issue has come up for support!!!

[code]SUCCESS: Your database “aroundme” has been created!

Your hostname “mysql.aroundme.mydomain.com” will be set up within about 5-10 minutes.
You MUST always use your hostname to connect to your database… “localhost” WILL NOT WORK.
[/code]http://benconley.net
http://teamshocker.com


#16

dogboy,

Thanks for your well-written and illuminating post! I’m realizing now that I may have sounded overly harsh in my previous post(s) regarding p*pscript; I certainly understand that it often makes excellent business sense to purchase “open source” scripts from people or companies who can provide support for them in many circumstances. It was not my intention to belittle, or criticize, you for doing that or the company who sold you the scripts for doing that. Such things are an important part of the Open Source idea! :slight_smile: .

It is great that received timely attention and support from p*opscript toward getting the program up and running. Your description of their actions makes it clear they they are interested in helping you get the program(s) running, and the fact that they have been “friendly, helpful cheerful people” is (unfortunately) rare enough these days. SHort of actually getting the program(s) to run, it appears they have met, or exceeded, your expectations in the support area.

As for the Dreamhost support responses, I understand your frustration. No one like to wait for days for tech support responses and many have indicated that they are willing to pay for a higher level of Dreamhost support. It is also true that the “no phone support”, email only support that Dreamhost offers is not for everybody; some would really be happier, and better served, with a different process even if it costs more. I can’t imagine that a reasonable person would be critical of someone in that position. “One size fits all” just doesn’t and people have different technical support needs and priorities.

I understand, and I think I need to clarify some things here myself. Firstly, the GPL is “viral” in nature, and it is really not quite as simple as adding “THEIR” stuff to a GPL licensed codebase, though that is a very complicated discussion that doesn’t really serve to help your situation and is not particularly relevant as you will be “happy” if you can get the script to run :wink: . I also understand your statements about “the codebase” being intimidating and is only valuable in that it “reduces the cost” of having to start from scratch with a “custom” script. Your statement that, “The script has open disclaimers all over it so they did NOT remove them,” is very important to me (and to other Open Source advocates) as well as the authors of the original code. Hopefully, those “disclaimers” are the original copyright notices that are required to remain in the code. The fact that they are present in your code is a pretty good indication that the Xoops foundation people have had some productive communication with p*opscript regarding this issue, as others have presented code without those notices.

Your comments regarding the advantages of building on an existing product are right on the mark, and I fully understand and appreciate your thoughts in that area. “Re-usable” code is a great thing, and makes many projects “doable” that otherwise would be prohibitively expensive (and probably more prone to errors!). Again, I also understand your thoughts about the value of “free” help/code that you can’t understand, and I do not take issue with you or anyone else that makes the business decision to “pay someone” to handle the technical stuff (thank goodness my clients do that, as it is how I pay my bills!). It is also all too true that the pay from “volunteer projects” pays less toward my total needs now than it did when my needs were “few” :wink:

I very much appreciate that there are always at least two sides to every story. It was not my intention to point out only “one side” with the links I referenced; I just selected what I felt were representative samples of what the search returned. Other than links to others selling the script, the majority of the links I checked (and I did not check them all :wink: ) were reports of not being able to install the script, problems with intellectual property issues, etc., and I felt you should be made aware of them. Given the information you have provided in this thread, you have probably helped “balance” that to some degree as your experiences with the script, and with the sellers, will be picked up by Google and be included in future searches.

I agree pretty much with all that, though I would point out that the Xoops Foundation people agree with you on that, and have been attempting to resolve the licensing/GPL issues. In fact, it appears as though they may have made progress to that end since Mr. Coomans last posted in September as you indicate the code you received does have disclaimers in the code (which others reported as not be present in the code they received) My take on that is that p*opscript may have been prevailed upon to restore the copyright notices (though I don’t know that is true, or to what degree, as I have not seen the code).

The only issue I, and most other Open Source advocates and developers, have with those who “package open source up into a nice, neat, useful package, support it, and take away that open source feel/freedom that you all thrive on, and CHARGE … for it” is that, if in doing that, they further restrict the “free” (as in “freedom”, not as in “free beer”) nature of the product in violation of the license under which the code was released or remove copyright notices. As I previously stated, the whole subject of the GNU GPL license is a large and complicated one, and there are plenty of resources available on the net for those who are interested in researching it further, so I won’t belabor the point here. My point in bringing it to your attention was that others have reported the code had been further restricted and that copyright notices had been removed. I’m glad to hear that, in the code you received, this may not be the case. :wink:

–rlparker


#17

dogboy,

Yep, you have that properly sorted! Both of those issues could have a bearing on your script - from the sellers FAQ, I suspect the script might want register_globals to be on. At any rate, passing that information on to the tech people from the seller might be useful to them :slight_smile: I remain hopeful that once they understand the Dreamhost environment they can get it installed. Good luck! :slight_smile:

–rlparker


#18

Ha ha! Well, at least you know they have not completely forgotten or ignored you, eh? Hopefully you will hear from them “sooner” rather than “later”. God Luck!

–rlparker


#19

Hey, I’m just glad you found the link to be useful. It never ceases to amaze me what some people are doing out there.

If you are referring to the reference that “localhost will not work”, the question has come up many times :wink: .

BarnRaiser’s Aroundme does look like it has a lot of promise, and I’m gonna play with a bit myself (when I find a little extra time!)

–rlparker


#20

AroundMe stuff to be continued. Starting new thread. Sorry for minor hijack attempt.

http://benconley.net
http://teamshocker.com