PHP Form writing to file in https://

StackOverflow https://stackoverflow.com/questions/1525711

  •  20-09-2019
  •  | 
  •  

Question

I'm having issues getting a php form to write to a file hosted with the apache httpsdocs folder. The form works just fine if all parts of it are using the http protocol, but when I secure the form, form submission and the file the results are written to, it fails.

Can anyone help?

This is the php code:

$myFile = "files/data.txt";
$fh = fopen($myFile, 'a') or die ("Could not read file");
$stringData = "Data in pipe format\n";
fwrite($fh, $stringData);
fclose($fh);
header( 'Location: http://www.example.com/thankyou');

And the various LOCATIONS are:

  • /var/www/vhosts/example.com/httpdocs/files
  • /var/www/vhosts/example.com/httpsdocs/files

Additionally, my form page is https://example.com/form.php, and the form field redirects to action="processform.php", so why does it look for processform.php in httpdocs rather than httpsdocs? Surely it should stay within the same protocol/directory as it was called from!

Thanks for any help :)

Was it helpful?

Solution

You are confusing things. The urls are not urls, they are directories. My first idea is to check the rights of the secure directory ( # /var/www/vhosts/mysite.co.uk/httpsdocs/files ) to see if your webserver user can write there.

OTHER TIPS

I second Maarten, this is definetly a permission setting on the file. Have you chmod'd the file? That should be your only issue, however this type of submission is very insecure even if you do it over https. I would make the file called something like 'data.secured' Then you can use apache's permission settings to 'lock off' the file from external access/read.

<files "*.secured">
order allow,deny
deny from all
</files>
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top