Another thing to consider when having CGIs write to files is the physical location of those files.
I believe the safe path (at least in *NIX) is not to write CGIs to system-critical partitions, such as /tmp or /var (and probably some others) which, when full, can bring down a system.
To the Sys Admins out there: please correct me if I am wrong, but I do believe this to be a good practice; at least one I was taught long ago.
| [reply]
[d/l]
[select] |
Daddio's right. I usually make my scripts (CGI or not) write its stuff to /tmp, and then have a separate script pick the files from there, validate them, and put them in the correct place (or mail, etc).
| [reply] |
Most web servers run as a user other than root for security reasons. Thus, if the directory is owned by root, and does not have "others" read/write access, there will be no way for your CGI (which is run as the same user as the http process) to save things to this directory. Adding "others" read/write access, however, is a bigger can of worms particularly on a shared machine, so don't do this. Either make the http user the owner of these directories (either directly, or via a group) or have the data directory outside of the CGI directory but where you can control the owners and permissions. Also, make sure that you are catching all potental file errors with die $! as this will tell you in depth what is going wrong.
Dr. Michael K. Neylon - mneylon-pm@masemware.com
||
"You've left the lens cap of your mind on again, Pinky" - The Brain
| [reply]
[d/l] |
check the path you specify to the file destination (can you write to other dirs?)
stat the directory to see the permissions
is the user your script runs under also allowed to write to that dir?
look up umask and mkdir
look up chmod and chown when you don't get through and know what you want to do -oterhwise ask your admin
Have a nice day
All decision is left to your taste | [reply] |