Jump to content

Checking ownership (titled badly, more information inside)

Aeterna

By Aeterna
in Applications

 Share

Recommended Posts

Aeterna Newbie

Aeterna

Posted
Posted

Hello everyone,

 

I've recently started to look into some PHP programming and thought I would try and make an image uploader service.  It's going well, I was just wondering if there was any way to make it so that only the uploader could delete a their file.  (I do not have accounts yet, but will in the future.)

 

Here are the files that I'm using (Don't be afraid to give me some constructive criticism or ideas!  I could use it!):

index.php

<?php

if ($_REQUEST[completed] == 1) {
	$newname = uniqid();
	move_uploaded_file($_FILES['mailfile']['tmp_name'], "images/$newname.jpg");
	echo '<center><h3>Image successfully uploaded!</h3>Direct Link<br /><input type="text" size="30" value="http://aeterna.ulmb.com/uploader/images/' .$newname . '.jpg"><br /><br />Message Boards<br /><input type="text" size="30" value="[img=http://aeterna.ulmb.com/uploader/images/' . $newname . '.jpg]"><br /><br />Deletion link<br /><a href="http://aeterna.ulmb.com/uploader/delete.php?file=' . $newname . '">http://aeterna.ulmb.com/uploader/delete.php?file=' . $newname . '</a></center>';
}

?>

<html>

<head>
	<meta content="text/html;charset=iso-8859-1" http-equiv="Content-Type" />

	<title>Image Uploader</title>

</head>

<body>

	<div align="center">
		<?php
			if ($_REQUEST[completed] != 1) {
		?>

		<h1>Image Uploader</h1>
		<form enctype=multipart/form-data method=post>
			<input type=hidden name=MAX_FILE_SIZE value=1500000>
			<input type=hidden name=completed value=1>Image:
			<input type=file name=mailfile value="Browse...">
			<br />
			<br />
			<input type=submit value="Upload">
		</form>

		<?php
			}
		?>

	</div>

</body>


</html>

 

delete.php

<?php

$file = $_GET['file'];

if (!unlink("images/$file.jpg")) {
	echo "<center><h1>There was an error deleting your file ($file).</h1></center>";
} else {
	echo "<center><h1>Your file has been deleted upon request.</h1></center>";
}

?>

 

Here's a live demo, as you can see anyone can delete any file (I just have it as the file name because I honestly can't think of ANY other way to do it.

 

http://aeterna.ulmb.com/uploader/index.php

 

Thanks in advance,

 

~Aeterna

gizmola Prolific Member

gizmola

Posted
Posted

Of course.  Usually people will have a database table and when an image is uploaded they'll insert an entry into the table, with a column for the name and path of the uploaded file, the user_id  of the user who uploaded it, and maybe a title, createdDate, etc..  People often find this table useful since you can easily offer views that sort by date or by user, or any combination that makes sense, and a database can do this efficiently even as a lot of images are added.

Aeterna Newbie

Aeterna

Posted
  • Author
Posted

Oh, I see.  Well a friend of mine is letting me use his database from his forums and I'll go ahead and use the users that are registered.  Thanks for the tips and insight, I'll be sure to use it!

 

Thank you for all the help. :^D

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.