Support » Plugin: Really Simple CAPTCHA » [Plugin: Really Simple CAPTCHA] Function cleanup : unlink permission denied

  • Hello

    Nice plugin, but with the latest version there is an error when cleanup files :

    unlink(/path/wp-content/uploads/wpcf7_captcha/1630659852.png) function.unlink : Permission denied in /path/wp-content/plugins/really-simple-captcha/really-simple-captcha.php on line 190

    This make sense since these files are chmod to 0444 or 0440
    Why not chmod to 0644 / 0640 ?

Viewing 13 replies - 1 through 13 (of 13 total)
  • Plugin Author Takayuki Miyoshi


    What is current permission of the parent directory?

    No specific perms since this bug appears only on windows.

    Any solution to this? I am experiencing the same problem on a windows server. IUSR has full access to the captcha directory.

    open really-simple-captcha/really-simple-captcha.php

    186 foreach ( $suffixes as $suffix ) {
    187 $filename = sanitize_file_name( $prefix . $suffix );
    188 $file = trailingslashit( $this->tmp_dir ) . $filename;
    189 if ( is_file( $file ) )
    190 unlink( $file );

    you have to replace “trailingslashit” to “untrailingslashit” on line 188.

    i have the same problem on Windows (Version 1.5) and it’s clerary a problem of permission.
    The temp files (png and txt) are created with a chmod 0444 and 0440.
    Or this means no “write” permission. Then, it is impossible to delete those files (unlink).
    So the only solution is to set (really-simple-captcha.php)
    – “file_mode” = 0644 (line 70)
    – “answer_file_mode” = 0640 (line 73)

    Registered just to say that, i was also having the unlink problem on ISS.
    Suggestion by kate.ussr, replacing “trailingslashit” to “untrailingslashit” on line 188, worked for me! So thanks a lot kate.ussr 🙂

    yup kate.ussr’s suggestion worked for me too! thanks very much…

    Thanks kate.ussr…your suggestion really did help…but now it is showing some different problem….. Failed to send your message. Please try later or contact the administrator by another method.

    First of all, thanks for awesome plugins Takayuki, great job!

    I also had this problem with my development machine (Windows + Apache + mod_FCGI + PHP5).

    The problem is with the permissions which, on windows, sets the files as read-only and makes PHP unable to delete the files.

    I tried to fix this through tweaking the permissions for Apache and PHP and the directory containing the files, but all failed.

    The solution turned out to be changing the permissions (chmod) of the files just before deleting (unlink).

    so, I added @chmod (@file, 0777); just before the unlink() and it works perfectly now.

    To do the same, you can edit really-simple-captcha.php and make the modifications on functions remove and cleanup as follows:

    /* Remove temporary files with $prefix */
    	function remove( $prefix ) {
    		$suffixes = array( '.jpeg', '.gif', '.png', '.php', '.txt' );
    		foreach ( $suffixes as $suffix ) {
    			$filename = sanitize_file_name( $prefix . $suffix );
    			$file = trailingslashit( $this->tmp_dir ) . $filename;
    			if ( is_file( $file ) )
    				@chmod( $file, 0777 );
    				unlink( $file );
    	/* Clean up dead files older than $minutes in the tmp folder */
    	function cleanup( $minutes = 60 ) {
    		$dir = trailingslashit( $this->tmp_dir );
    		if ( ! is_dir( $dir ) || ! is_readable( $dir ) || ! is_writable( $dir ) )
    			return false;
    		$count = 0;
    		if ( $handle = @opendir( $dir ) ) {
    			while ( false !== ( $filename = readdir( $handle ) ) ) {
    				if ( ! preg_match( '/^[0-9]+\.(php|txt|png|gif|jpeg)$/', $filename ) )
    				$file = $dir . $filename;
    				$stat = @stat( $file );
    				if ( ( $stat['mtime'] + $minutes * 60 ) < time() ) {
    					@chmod( $file, 0777 );
    					@unlink( $file );
    					$count += 1;
    			closedir( $handle );
    		return $count;

    By the way, the plugin works perfectly fine on Linux, so if your host is running Linux, you don’t need to apply these changes there.

    Any plans to make this patch part of the official code, as it would make the plug-in platform independent!

    As has been reported by several users, the current code can eventually result in a “denial of service” scenario when tens of thousands of files start accumulating within a few weeks – and the server starts consuming extensive amount of time every 60 seconds, attempting to iterate through and to (always unsuccessfully) delete those tens of thousands of files individually.

    Assuming that the default file_modes were chosen for a good reason, then (at minimum) a chmod to 0777 is needed prior to any unlink for it to succeed. (Ideally, appropriate error-handling would also be addeded for unlink returning “false”, to report that the necessary cleanup is failing!)

    Takayuki should decide about this.

    My suggestion is to host the code on github, so bug tracking and code contribution would become easier.

    Thanks, Faramarz Salehpour. Worked for me – development machine=Windows + Apache + mod_FCGI + PHP5.

    I too hope this goes to the core code.

    Ted in Sydney

    Thanks kate.ussr!

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘[Plugin: Really Simple CAPTCHA] Function cleanup : unlink permission denied’ is closed to new replies.