Gamerz Posted July 12, 2009 Share Posted July 12, 2009 I just made a quick form, and when form submit, the typed file will be deleted (unlink) But as people use this, I know someone will try and bypass the system by deleting the form and delete.php, and maybe even the whole folder... So how do I restrict unlink to certain files, even folders? Here's the form: <form action="delete.php" method="get"> <p align="center">Enter your filename:<br> <input type="text" name="filename" size="47"> <input type="submit" value="Delete File!"> </form> Here's the unlink code (delete.php) <?php $id = $_GET['filename']; unlink($filename) or die('The filename you entered has never been uploaded to our servers. <a href="delete_file.php">Please click here to try again</a>.'); echo "Deleted $filename"; ?> Link to comment https://forums.phpfreaks.com/topic/165717-php-restrict-unlink-to-certain-files/ Share on other sites More sharing options...
Gamerz Posted July 13, 2009 Author Share Posted July 13, 2009 seriously? no one knows? Link to comment https://forums.phpfreaks.com/topic/165717-php-restrict-unlink-to-certain-files/#findComment-874328 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.