Jump to content

PHP - Restrict unlink to certain files


Gamerz

Recommended Posts

I just made a quick form, and when form submit, the typed file will be deleted (unlink)

 

But as people use this, I know someone will try and bypass the system by deleting the form and delete.php, and maybe even the whole folder...

 

So how do I restrict unlink to certain files, even folders?

 

Here's the form:

<form action="delete.php" method="get">
<p align="center">Enter your filename:<br>
<input type="text" name="filename" size="47"> 
<input type="submit" value="Delete File!">
</form>

 

 

Here's the unlink code (delete.php)

<?php
$id = $_GET['filename'];
unlink($filename) or die('The filename you entered has never been uploaded to our servers. <a href="delete_file.php">Please click here to try again</a>.');
echo "Deleted $filename";
?>

 

Link to comment
https://forums.phpfreaks.com/topic/165717-php-restrict-unlink-to-certain-files/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.