is_writable

说明

bool is_writable ( string filename )

如果文件存在并且可写则返回 TRUE。filename 参数可以是一个允许进行是否可写检查的目录名。

记住 PHP 也许只能以运行 webserver 的用户名（通常为 'nobody'）来访问文件。不计入安全模式的限制。

例子 1. is_writable() 例子
<?php $filename = 'test.txt'; if (is_writable($filename)) { echo 'The file is writable'; } else { echo 'The file is not writable'; } ?>

注: 本函数的结果会被缓存。更多信息参见 clearstatcache()。

提示: 自 PHP 5.0.0 起本函数也可被某些 URL wrapper 使用。参考附录 L 来看哪些 wrapper 支持 stat() 系列函数的功能。

add a note User Contributed Notes

haccel at email dot com
04-Aug-2006 08:51


Ooooops, sorry! My mistake. is__writable should be:



<?php



function is__writable($path)

{



   if ($path{strlen($path)-1}=='/') //Start function again with tmp file...

      

       return is__writable($path.uniqid(mt_rand()).'.tmp');

  

   elseif (ereg('.tmp', $path))

   { //Check tmp file for read/write capabilities

      

       if (!($f = @fopen($path, 'w+')))

           return false;

       fclose($f);

       unlink($path);

       return true;



   }

   else //We have a path error.

      

       return 0; // Or return error - invalid path...



}



?>



The original could've deleted a folder if the path was invalid  to start with (no trailing slash..) and the folder was writable to begin with...

haccel at email dot com
03-Aug-2006 11:56


Be careful of legolas558 dot sourceforge comma net's example, try this instead:



<?php



function is__writable($path)

{



    if ($path{strlen($path)-1}=='/')

        

        return is__writable($path.uniqid(mt_rand()).'.tmp');

    

    elseif (file_exists($path) && ereg('.tmp', $path))

    {

        

        if (!($f = @fopen($path, 'w+')))

            return false;

        fclose($f);

        unlink($path);

        return true;



    }

    else

        

        return 0; // Or return error - invalid path...



}



?>

legolas558 dot sourceforge comma net
13-Jul-2006 04:17


Since looks like the Windows ACLs bug "wont fix" (see http://bugs.php.net/bug.php?id=27609) I propose this alternative function:



<?php



function is__writable($path) {



if ($path{strlen($path)-1}=='/')

    return is__writable($path.uniqid(mt_rand()).'.tmp');



if (file_exists($path)) {

    if (!($f = @fopen($path, 'r+')))

        return false;

    fclose($f);

    return true;

}



if (!($f = @fopen($path, 'w')))

    return false;

fclose($f);

unlink($path);

return true;

}



?>



It should work both on *nix and Windows



NOTE: you must use a trailing slash to identify a directory

f dot knodt at yotaweb dot de
25-May-2006 01:33


Same here with PHP 5.1.4. is_writable ignores my ACLs and also groups dont work sometimes.

Nils Kuebler
19-Apr-2006 06:15


this one recursivly checks if a folder and all its contents are writeable



<?php

function is_removeable($dir)

{

   $folder = opendir($dir);

   while($file = readdir( $folder )) 

    if($file != '.' && $file != '..' && 

        ( !is_writable(  $dir."/".$file  ) || 

        (  is_dir(   $dir."/".$file   ) && !is_removeable(   $dir."/".$file   )  ) ))

   {

    closedir($dir);

    return false;

   }

   closedir($dir);

   return true;

}

?>

greg at gregwhitescarver dotcalm
07-Feb-2006 10:55


In response to Darek:



We have two servers: one running PHP 5.0.4 and Apache 1.3.33, the other running PHP 4.3.5 and Apache 1.3.27.  The PHP 4 server exhibits the behavior you are describing, with is_writable() returning 'false' even though the www user is in the group that owns the file, but the PHP 5 server is returning 'true.'

darek at fauxaddress dot com
01-Feb-2006 02:27


It appears that is_writable() does not check full permissions of a file to determine whether the current user can write to it.  For example, with Apache running as user 'www', and a member of the group 'wheel', is_writable() returns false on a file like



-rwxrwxr-x           root         wheel          /etc/some.file

JimmyNighthawk
12-Sep-2005 05:02


Regarding you might recognize your files on your web contructed by your PHP-scripts are grouped as NOBODY you can avoid this problem by setting up an FTP-Connection ("ftp_connect", "ftp_raw", etc.) and use methods like "ftp_fput" to create these [instead of giving out rights so you can use the usual "unsecure" way]. This will give the files created not the GROUP NOBODY - it will give out the GROUP your FTP-Connection via your FTP-Program uses, too.



Furthermore you might want to hash the password for the FTP-Connection - then check out:

http://dev.mysql.com/doc/mysql/en/Password_hashing.html

claude dot paroz at ne dot ch
06-Apr-2004 07:28


Under Windows, it only returns the read-only attribute status, not the actual permissions (ACL).

See http://bugs.php.net/bug.php?id=27609

agrenier at assertex dot com
02-Apr-2004 08:56


This file_write() function will give $filename the write permission before writing $content to it.



Note that many servers do not allow file permissions to be changed by the PHP user.



<?php

    function file_write($filename, &$content) { 

        if (!is_writable($filename)) {

            if (!chmod($filename, 0666)) {

                 echo "Cannot change the mode of file ($filename)";

                 exit;

            };

        }

        if (!$fp = @fopen($filename, "w")) {

            echo "Cannot open file ($filename)";

            exit;

        }

        if (fwrite($fp, $content) === FALSE) {

            echo "Cannot write to file ($filename)";

            exit;

        } 

        if (!fclose($fp)) {

            echo "Cannot close file ($filename)";

            exit;

        }

    } 

?>

add a note