I just did a chmod 777 on the directory and that fixed everything. :-)

I was concerned that doing so might also recursively change the permissions of the directory's contents (including my .htaccess and .htpasswd files) but it did not.


Thank you.
What does it mean for a directory to be owned by the writing process(es)?

ing Newbie Poster

Hi. I have a noobish UNIX question.
I have a password-protected section of my website for testing (named 'sandbox') and I'm trying to write output to a plain text file in that directory. But I'm getting the following error due to permissions settings.

Warning: file_put_contents(testdb.txt) [function.file-put-contents]: failed to open stream: Permission denied in /Applications/XAMPP/xamppfiles/htdocs/sandbox/dbtest1.php on line 5

I'm sure it's something simple, but what could I be overlooking?


Thank you so much! It's great to have this working. It had been bothering me for days.

Now that that the big burning question is out of the way, I have a few less important questions if you're up to it.

  1. Does the login session ever expire?
    Or now that I've typed the password from this computer it will always let me in until I clear cookies or something?

  2. How can I test to make sure the permissions are set correctly so that it can't be hacked?
    I did as my hosting provider instructed so it's probably fine. Just wondering if there's a best practice for testing.

  3. You suggested "check the DocumentRoot value in your Apache config" - how can I do this?
    Might be good to know how for the future.

ing Newbie Poster

I'm looking for the best way to build a simple scheduler that will be able to render a visual calendar of the last 90 days and events that occurred during that span of time.

We will need to store the contents of the calendar in a database. I'm thinking a flat file database (plaintext file) is best since it's not that complex and I don't know MySQL at all and my PHP knowledge is limited. The visual part will be easy since I can use HTML and CSS.

This is for a small business that needs to track employee attendance history for the past 90 days.
We also want to make another calendar in a similar fashion that allows employees to log in from home to check their work schedule for the coming weeks.

I'm asking the community's opinions:
Is PHP a practical choice for building such a tool? Or does anyone know of a better-suited existing solution?


Another consideration:

  1. Although I am setting permissions to 604 does it make a difference where the file resides at the time permissions are changed? (Since I'm changing it on my computer and then FTP uploading it.)
    Just trying to think of every possible variable that might cause a problem.


Thank you for the suggestion. I had been confusing the concept of absolute filepath with absolute URL. Since both point to the same file it hadn't occurred to me to differentiate.

It's still not working though.

How do I know what the absolute filepath is?
For example my home page is /index.html
So my password would be /sandbox/.htpasswd

That is what the server would consider an absolute filepath, right?
Since a relative filepath would be ./.htpasswd
Or am I missing some important bit of info here?
I don't know what directory is above the site root, nor do I know how to navigate to it using my FTP client. (But as long as I set permissions correctly for both files I shouldn't need to store them anywhere higher - is my understanding.)

If my filepath is correct, my next things to consider are:

  1. Is my computer hashing in the same way as the server? (I am on a Mac and I presume the server is UNIX or Linux, but the command htpasswd should hash the same on any 'NIX system, right?)
  2. What is the significance of AuthGroupFile /dev/null (my hosting provider uses this in their example)

Thanks again.


Thank you. The contents of my .htaccess file:

AuthGroupFile /dev/null
AuthName "Secure area. Please enter admin password."
AuthType Basic
require valid-user

I meant htpasswd command. Sorry, brainfart.
htpasswd -c .htpasswd secure
And then set the password. I checked the output file and everything looked right.

As for the three Apache modules, I hadn't heard of those but I read the page you linked to. So since I'm using AuthType Basic that means I'm using the mod_auth module.
(I may want to use AuthType Digest at some point, but I'd rather get the basics down first.)

ing Newbie Poster

Hello. I'm trying to set up a private section of my website for testing and I'm having a problem where my .htaccess / .htpasswd protection always rejects my password. I've set permissions to 604 on both files as recommended by my web host and both files reside in the same subfolder.
At first I tried setting the password in the .htpasswd file from OS X's Terminal using the htaccess command. When that didn't work I hashed it using an online tool to generate the hash. It hashed differently but still doesn't work.
I'm uploading via Fetch (FTP).

If anyone has ideas as to why this might be happening I'd greatly appreciate your feedback.

Edit: I should mention that my .htpasswd file path is absolute.
Also I want to move this discussion to the "Apache" section, but seems I can't. Moderators please move if possible.


Aha! Thank you!!!

ing Newbie Poster

Hi, I can't figure out what I'm doing wrong here. It must be the simplest thing, but the script is meant to add asterisks only after the numbers 1, 2, or 3. Instead it is appending one to each number.
Please help.


var number=1;
var is1or2or3;

function checkIf1or2or3(n){
    if (n==1||n==2||n==3){is1or2or3=true;}
    else {is1or2or3=false;}

while (number<=10)
if (is1or2or3=true){document.write("*");}



Does anybody else find it ironic that there's a Google ad on this page for the Ronald Reagan Library???

Since the Reagans are advertising through Google, it can only mean one thing: The Reagans are "supporting the Obama, Pelosi and Reid liberal agenda" and ultimately "hurting our country".

Didn't think that one through, did ya Mikey?

What's terrifying is that internet law is shaped by ignorant politicians with personal agendas who have no understanding of how the internet works or the value it has. This is why Net Neutrality is threatened right now.