Jump to content

List files in directory + delete


xQuasar

Recommended Posts

I'm trying to make a feature in which users can upload up to 10 files in a certain directory that belongs to them; and when there are 10 files in that directory there is no upload feature anymore. I've got all that working, now the last thing I want is a delete button next to each of the files listed so they can delete & download the file. With delete, this is what I'm trying to do:

 

<?php
echo "Current files in your extras' directory: <br /><br />";
if ($handle = opendir("$username_saved/extras")) {
while (false !== ($file = readdir($handle))) {
        if ($file != "." && $file != "..") {
            echo "$file <a href=deletefile.php>DELETE</a><br />";
        }
    }
    closedir($handle);
}
?>

 

And here is my deletefile.php:

<?php
session_start();
$username_saved = $_SESSION['username_saved'];

unlink("$username_saved/extras/$file");

?>

 

However, when I try to use the delete button, it gives me the error:

 

Warning: unlink(watson516/extras/) [function.unlink]: Permission denied in C:\Program Files\AbyssWebServer\htdocs\deletefile.php on line 5

 

What's wrong? And as with the downloads, I have no idea how to do it. Any help would be appreciated.

Link to comment
https://forums.phpfreaks.com/topic/135834-list-files-in-directory-delete/
Share on other sites

opendir  is faster  than glob()

 

<?php
echo "Current files in your extras' directory: <br /><br />";
if ($handle = opendir("$username_saved/extras")) {
   while (false !== ($file = readdir($handle))) {
        if ($file != "." && $file != "..") {
            echo "$file <a href=deletefile.php?file=$file>DELETE</a><br />"; //updated
        }
    }
    closedir($handle);
}
?>

 

<?php
session_start();
$username_saved = $_SESSION['username_saved'];
$file= basename($_GET['file']);//added
unlink("$username_saved/extras/$file");

?>

its not a heap faster but on some servers you also get

"glob() has been disabled for security reasons "

also it someomes give incorrect file sizes (only a few bytes out) all that and it being a little slower makes me use opendir instead..

 

I wrote the following recently to delete a records and image files:

 

This page listed the records:

 

<?php
session_start();

if (!$_SESSION['logged'])
{
    header("location: loginfl.php");
}
else
{
?>

<html>
<body>

<table border="1" cellspacing="2" cellpadding="2">
<tr>
<th><font face="Arial, Helvetica, sans-serif">Delete</font></th>
<th><font face="Arial, Helvetica, sans-serif">URN</font></th>
<th><font face="Arial, Helvetica, sans-serif">Make</font></th>
<th><font face="Arial, Helvetica, sans-serif">Model</font></th>
<th><font face="Arial, Helvetica, sans-serif">Price</font></th>
<th><font face="Arial, Helvetica, sans-serif">Engine</font></th>
<th><font face="Arial, Helvetica, sans-serif">Year</font></th>
<th><font face="Arial, Helvetica, sans-serif">Colour</font></th>
<th><font face="Arial, Helvetica, sans-serif">Miles</font></th>
<th><font face="Arial, Helvetica, sans-serif">Kilometres</font></th>
<th><font face="Arial, Helvetica, sans-serif">Owners</font></th>
<th><font face="Arial, Helvetica, sans-serif">Doors</font></th>
<th><font face="Arial, Helvetica, sans-serif">Location</font></th>
<th><font face="Arial, Helvetica, sans-serif">Date</font></th>
</tr>

<?
include("dbinfo.php");

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM addnewtbl ORDER BY date";
$result=mysql_query($query);
$num=mysql_num_rows($result);
mysql_close();

$i=0;
while ($i < $num) {

$urn=mysql_result($result,$i,"urn");
$make=mysql_result($result,$i,"make");
$model=mysql_result($result,$i,"model");
$price=mysql_result($result,$i,"price");
$engine=mysql_result($result,$i,"engine");
$transmission=mysql_result($result,$i,"transmission");
$year=mysql_result($result,$i,"year");
$colour=mysql_result($result,$i,"colour");
$mileagem=mysql_result($result,$i,"mileagem");
$mileagekm=mysql_result($result,$i,"mileagekm");
$owners=mysql_result($result,$i,"owners");
$doors=mysql_result($result,$i,"doors");
$location=mysql_result($result,$i,"location");
$info=mysql_result($result,$i,"info");
$date=mysql_result($result,$i,"date");
$ipaddress=mysql_result($result,$i,"ipaddress");
$imageurl1=mysql_result($result,$i,"imageurl1");
$imageurl2=mysql_result($result,$i,"imageurl2");
$imageurl3=mysql_result($result,$i,"imageurl3");

?>

<tr>
<td><font face="Arial, Helvetica, sans-serif">
        <? echo "<a href='deldnew.php?geturn=$urn&getpath1=$imageurl1&getpath2=$imageurl2&getpath3=$imageurl3'>DELETE</a>"; ?>
    </font>
</td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $urn; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $make; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $model; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $price; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $engine; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $year; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $colour; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $mileagem; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $mileagekm; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $owners; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $doors; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $location; ?></font></td>
<td><font face="Arial, Helvetica, sans-serif"><? echo $date; ?></font></td>


</tr>

<?
$i++;
}

echo "</table>";

}

?>

 

And this page picked up the values and deleted the record / image:

 


<?php

session_start();

if (!$_SESSION['logged'])
{
    header("location: loginfl.php");
}
else
{


   //echo $_GET['geturn']; // output: bar
   $geturn=$_GET['geturn'];
   //echo "$geturn"; 

   $imageurl1=$_GET['getpath1'];
   $imageurl2=$_GET['getpath2'];
   $imageurl3=$_GET['getpath3'];

echo "$imageurl1</br>";
echo "$imageurl2</br>";
echo "$imageurl3</br>";


   unlink($imageurl1);
   unlink($imageurl2);
   unlink($imageurl3);



include("dbinfo.php");

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query="DELETE FROM addnewtbl WHERE urn = '$geturn'";
$result=mysql_query($query);
//$num=mysql_num_rows($result);
mysql_close();



echo "URN ";
echo "$geturn";
echo " has been deleted.";
echo "
</br>
</br><a href='adminhm.php'>Return to Admin Home</a>
</br><a href='index_actual.php'>Return to Home Page</a>


";

}
?>



its not a heap faster but on some servers you also get

"glob() has been disabled for security reasons "

also it someomes give incorrect file sizes (only a few bytes out) all that and it being a little slower makes me use opendir instead..

 

 

Well I might have to go back to opendir() then.

Well for some reason I couldn't even get it to work after trying for ages, so instead I did it in a form and now it works.

 

And... attempting to limit upload extensions; it's not working. :( It's still letting everything through. what's wrong with it? T_T

 

<?php
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if ($ext == ('.htm' || '.html' || '.php' || '.js' || '.jse' || '.exe' || '.bat' || '.asp')) {
    echo("Sorry, the following file extensions aren't allowed:<br><br>
    <b> .html<br>
        .htm<br>
        .php<br>
        .js<br>
        .jse<br>
        .exe<br>
        .bat<br>
        .asp</b><br><br>
        You could try renaming the extension; eg. from .php to .phps; OR you could compress the files with
        software such as WinZIP or WinRAR.");
} else {
//uploading php code, i've got this working, no help needed
}
?>

try this *untested*

<?php
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);
$invalid = array('.htm','.html','.php','.js','.jse' ,'.exe','.bat','.asp');
if(in_array($ext, $invalid))
{
echo("Sorry, the following file extensions aren't allowed:<br><br>
    <b> .html<br>
        .htm<br>
        .php<br>
        .js<br>
        .jse<br>
        .exe<br>
        .bat<br>
        .asp</b><br><br>
        You could try renaming the extension; eg. from .php to .phps; OR you could compress the files with
        software such as WinZIP or WinRAR.");
}

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.