From 1fe581f808f3d2c80354c848b0e0108356769416 Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Mon, 17 Sep 2012 03:55:22 +0000
Subject: [PATCH] use umask to confirm upload directory could be writed in
 mkdir

---
 application/default/controllers/SubmitController.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/application/default/controllers/SubmitController.php b/application/default/controllers/SubmitController.php
index 077bab63..78ee5422 100644
--- a/application/default/controllers/SubmitController.php
+++ b/application/default/controllers/SubmitController.php
@@ -487,7 +487,11 @@ class SubmitController extends Zend_Controller_Action
 			$sql = "SELECT * FROM pureftp WHERE userid='$uname' ORDER BY pkid DESC";
 			$sth = $this->db->prepare($sql);
 			$sth->execute();
-			$row = $sth->fetch();
+			$row = $sth->fetch();
+			$homedir = "/home/wlx/qhhdata/upload/".$uuid."/";
+			$old=umask(0);
+			@mkdir($homedir,0777);
+			umask($old);
 			
 			if(!empty($row['pkid']))
 			{
@@ -505,13 +509,11 @@ class SubmitController extends Zend_Controller_Action
 				}else{
 					$uid = 1001;
 					$gid = 1001;
-					$homedir = "/home/wlx/qhhdata/upload/".$uuid."/";
-					$passwd = $this->genRandomString(16);
 					
+					$passwd = $this->genRandomString(16);
 					$sql = "UPDATE pureftp SET passwd=?,uid=?,gid=?,homedir=? WHERE userid=?";
 					$sth = $this->db->prepare($sql);
 					$rs = $sth->execute(array($passwd,$uid,$gid,$homedir,$uname));
-					@mkdir($homedir,0644);
 					if($rs)
 					{
 						$data = array(
@@ -532,7 +534,6 @@ class SubmitController extends Zend_Controller_Action
 			}else{
 				$uid = 1001;
 				$gid = 1001;
-				$homedir = "/home/wlx/qhhdata/upload/".$uuid."/";
 				$passwd = $this->genRandomString(16);
 				
 				$sql = "INSERT INTO pureftp (userid,passwd,uid,gid,homedir) VALUES (?,?,?,?,?)";