MyBB

Ryan Gordon · 08-09-2008, 04:38 PM

Wow, that's really really stupid. They actually make you quote it?

wow...

Dyers Eve · 08-09-2008, 08:22 PM

(08-09-2008 06:09 AM)Tikitiki Wrote:
PHP Code:

if(substr((string)$mode, 0, 1) != '0' || strlen((string)$mode) !== 4)

Thanks, now it works Smile

Ryan Gordon · 08-09-2008, 10:49 PM

Michael, any reason why it works for Dyers Eve and not you?

Dyers Eve · (This post was last modified: 08-10-2008 09:25 AM by Dyers Eve.)

I'm sorry, i checked these files today again and I found out, why I thought that this fix works.

I changed in functions_upload.php

PHP Code:

@my_chmod($path."/".$filename, 0644, '0644'); 

and in functions.php

PHP Code:

function my_chmod($file,$mode,$mymode)
{
    if(substr($mymode, 0, 1) != '0' || strlen($mymode) !== 4)
    {
        return false;
    }
    $old_umask = umask(0);
    $result = chmod($file, $mode);
    umask($old_umask);
    return $result;
} 

These modification works. After that, I read the post from Ryan and changed only function_upload.php and in functions.php the function-head and forgot to change the variable name in the if clause

PHP Code:

function my_chmod($file,$mode)
{
    if(substr((string)$mymode, 0, 1) != '0' || strlen((string)$mymode) !== 4)
    {
        return false;
    }
    $old_umask = umask(0);
    $result = chmod($file, $mode);
    umask($old_umask);
    return $result;
} 

...but as everybody can see, this is silly.

But I don't know why

PHP Code:

(string)$mode != '0644' 

Greetings, Dyers Eve

OK, now i know what happened

0644 is octal and php change this.

echo string($mode) returns 420
echo decoct($mode) returns 644

This would be my solution for that problem:

function_upload.php

PHP Code:

@my_chmod($path."/".$filename, '0644'); 

functions.php

PHP Code:

function my_chmod($file,$mode)
{
    if(substr($mode, 0, 1) != '0' || strlen($mode) !== 4)
    {
        return false;
    }
    $old_umask = umask(0);
    $result = chmod($file, octdec($mode));
    umask($old_umask);
    return $result;
} 

Greetings, Dyers Eve

Ryan Gordon · 08-10-2008, 04:37 PM

Dyers Eve, Does this fix simply work?

PHP Code:

function my_chmod($file, $mode)
{
    if(substr("{$mode}", 0, 1) != '0' || strlen("{$mode}") !== 4)
    {
        return false;
    }
    $old_umask = umask(0);
    $result = chmod($file, $mode);
    umask($old_umask);
    return $result;
} 

Dyers Eve · (This post was last modified: 08-10-2008 05:36 PM by Dyers Eve.)

No, chmod is still 600

PHP Code:

echo "{$mode}"; 

-> 420

Ryan Gordon · 08-10-2008, 06:06 PM

Hmm okay, so I see how your fix works. And it should work properly too.

Michael S. · 08-11-2008, 01:14 PM

When I change the test script to your latest version it still outputs "Failure!".

PHP Code:

<?php
function my_chmod($mode)
{
    //$mode = (string) $mode;
    if(substr("{$mode}", 0, 1) != '0' || strlen("{$mode}") !== 4)
    {
        echo "Failure!";
    }
    else
    {
        echo "Success";
    }
}

my_chmod(0644);
?>