Uploading files using PHP and ownership

[Jeff75]

I have a client who was wondering if there is anyway to change the ownership of a file uploading using PHP to match the main username for the account. I do not want to enable PHP_SUEXEC and was wondering if there was anyway to do this using PHP commands. Is there anyway to chown it with PHP? If not, is there another way around this? Here was what he was wanting to know:

Files uploaded using http get/php move_uploaded_files take on ownership nobody:nobody.

It would appear your FTP server daemon masks non-login-owned files - FTP users can't see files uploaded using http get/php move_uploaded_files.

Can this be fixed so that files owned by nobody:nobody are visible to FTP users?

[philb]

Is there any particular reason you don't want phpSuExec? That'd be by far the easiest solution. (and increase the security of your users files from each other considerably)

Besides that I guess you could look into tweaking the ftpd config to prevent it masking non-user files, but without digging around in the files and knowing which ftpd you're running it's going to be hard to recommend how to do that.

[Jeff75]

Do you know what problems occur when enabling phpsuexec? I can't remember what it was but when I tried enabling it a few months back it caused big problems for a couple of clients.

[philb]

It stops PHP HTTP auth working, and causes issues if people are currently setting php directives in .htaccess (but they can just whack them in a php.ini instead if they need them, as I recall).

It can also cause problems with some certain fussy scripts, but I can't remember any off the top off my head that currently have any real issues - most that do relate to either wanting to use php http authentication or .htaccess to pass php directives.