Can't save file with other permissions except for 777

Question 1

It all because your server is badly configured, which means httpd runs as different user than owns all the files and this requires write permission set for others. The solution would be to fix the server configuration so these user ids match. But it's not trivial if you are not familiar with the server administration. Other (but this is not really a solution) would be to to put these two users into one group, so that way instead of giving everyone write access you "limit" it to your group only. But this is not a way to go though. Alternatively, if you are the only user on the server you may set httpd to run on your userid/groupid instead of its own. But, again, this should not be considered a "solution".

Question 2

You can re-set the User and Group parameters in Apache config file to run it as another user.

Question 3

Your web server is running under a different user than user who owns the images. To find out under which user is your webserver running, create and run this php script

<?php
echo shell_exec('whoami');
?>

Question 4

1) You create a new folder with 777 permission.

2) save the image in that folder.

I dont think you would need 777 on the original image.

.

For the security, you need:

A) check extension of uploaded files and call the custom resize/image function. This will ensure the file is always converted into an image.

B) [.htaccess] (inside your user upload image directory) =

#Disable directory indexes & folder listing

[deny any file other than image]
<Files ^(*.jpeg|*.jpg|*.png|*.gif)>
order deny,allow
deny from all
</Files>

Question 5

You can try to chmod afterwards, but it's strongly dependent on the rights the php daemon has;

chmod("/somedir/somefile", 755);

With fileperms() you can get the current permissions of the created file(s).