I’m trying to create a .tgz file through the PHP exec(); function in an AJAX web interface, however, my code isn’t making any files, and it isn’t writing out any errors.
This code works in shell:
tar cvfz destination/testfolder.tgz source/testfolder
I’m setting the destination/testfolder.tgz and the source/testfolder as variables in PHP since they change based on user input, so my code looks something like this:
$q=$_GET["q"];
$part = explode("/", $q);
$source = $q;
$dest = "destination/" .$part[1].".tgz";
exec("tar cvfz " . $dest . " " . $source);
I’ve echoed the "tar cvfz " . $dest . " " . $source and copy/pasted it into shell, which works, so I’m confused as to what I’m doing wrong.
The problem is, for the same security issue @David mentioned, the PHP exec() function has very limited permissions – it can’t even create files. Instead of chmodding the file to 777, which is very dangerous even temporarily, I suggest you create a temporary folder either in a sandbox or at any non-harmful location then ch own it to the user/group of the PHP interpreter’s user/group with somewhat restrictive permissions (e. g. chmod 700 for the directory, 600 for the files inside).