diff options
| -rw-r--r-- | phpBB/docs/CHANGELOG.html | 1 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 7 |
2 files changed, 6 insertions, 2 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index c83bd2cc72..dad0e468d7 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -96,6 +96,7 @@ <li>[Fix] Properly treat punctuation marks after local urls (Bug #37055)</li> <li>[Fix] Make searching for members by YIM address work in prosilver</li> <li>[Fix] Tell users to recreate the search index after changing the common word threshold for fulltext_native (Bug #36345)</li> + <li>[Fix] Adjusted phpbb_chmod() to always set permissions for group bit.</li> <li>[Change] Alllow applications to set custom module inclusion path (idea by HoL)</li> <li>[Change] Handle checking for duplicate usernames in chunks (Bug #17285 - Patch by A_Jelly_Doughnut)</li> <li>[Change] Better handling and finer control for custom profile fields visibility options. (Patch by Highway of Life)</li> diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index b96024e4e3..d6f112e8d6 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -462,7 +462,7 @@ function _hash_crypt_private($password, $setting, &$itoa64) /** * Global function for chmodding directories and files for internal use * This function determines owner and group whom the file belongs to and user and group of PHP and then set safest possible file permissions. -* The function determines owner and group from common.php file and sets the same to the provided file. +* The function determines owner and group from common.php file and sets the same to the provided file. Permissions are mapped to the group, user always has rw(x) permission. * The function uses bit fields to build the permissions. * The function sets the appropiate execute bit on directories. * @@ -532,7 +532,7 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) // Who is PHP? if ($file_uid === false || $file_gid === false || $php_uid === false || $php_gids === false) { - $php = null; + $php = NULL; } else if ($file_uid == $php_uid /* && $common_php_owner !== false && $common_php_owner === $file_uid*/) { @@ -564,12 +564,15 @@ function phpbb_chmod($filename, $perms = CHMOD_READ) { case null: case 'owner': + /* ATTENTION: if php is owner or NULL we set it to group here. This is the most failsafe combination for the vast majority of server setups. + $result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0)); if (!is_null($php) || (is_readable($filename) && is_writable($filename))) { break; } + */ case 'group': $result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0)); |