Jump to content

Delete a file with "/"'s in the name


Snooble

Recommended Posts

are you on a linux or windows server? i didn't/'s (froward slashes) were allowed on windows but:

<?php
unlink("Boys Don/'t Cry");
?>

should remove your file.

i would advise adding something to your upload script to remove all bad chars.

 

Scott.

 

 

That worked perfectly! Yeah I need to restrict the input! Anyway I can do this? Here's my upload form:

<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action="checkupload.php" method="POST">
   <!-- MAX_FILE_SIZE must precede the file input field -->
   <input type="hidden" name="MAX_FILE_SIZE" value="104857600" />
   <!-- Name of input element determines name in $_FILES array -->
   Send this file: <input name="uploaded_file" type="file" />
   <input type="submit" value="Send File" />
</form>

 

Here's the checkupload.php:

 

<?php
//check that we have a file
if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
  //check if the file is JPEG image and it's size is less than 350Kb
  $name = basename($_FILES['uploaded_file']['name']);
  $filename = str_replace("'","",$name);
  $ext = substr($filename, strrpos($filename, '.') + 1);
  if (($ext == "mp3") && ($_FILES["uploaded_file"]["type"] == "audio/mpeg") && 
    ($_FILES["uploaded_file"]["size"] < 104857600)) {
    //Determine the path to which we want to save this file
      $newname = dirname(__FILE__).'/uploads/'.$filename;
      //Check if the file with the same name is already exists on the server
      if (!file_exists($newname)) {
        //Attempt to move the uploaded file to it's new place
        if ((move_uploaded_file($_FILES['uploaded_file']['tmp_name'],$newname))) {
           echo "It's done! The file has been saved as: ".$newname;
        } else {
           echo "Error: A problem occurred during file upload!";
        }
      } else {
         echo "Error: File ".$filename." already exists".$_FILES['uploaded_file']['name']."";
      }
  } else {
     echo "Error: Only .mp3 songs under 100MB are accepted for upload ".basename($_FILES['uploaded_file']['name'])."";
  }
} else {
echo "Error: No file uploaded";
}
?>

 

Thanks Scott!

 

Snoobs

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.