Aeterna Posted May 11, 2011 Share Posted May 11, 2011 Hello everyone, I've recently started to look into some PHP programming and thought I would try and make an image uploader service. It's going well, I was just wondering if there was any way to make it so that only the uploader could delete a their file. (I do not have accounts yet, but will in the future.) Here are the files that I'm using (Don't be afraid to give me some constructive criticism or ideas! I could use it!): index.php <?php if ($_REQUEST[completed] == 1) { $newname = uniqid(); move_uploaded_file($_FILES['mailfile']['tmp_name'], "images/$newname.jpg"); echo '<center><h3>Image successfully uploaded!</h3>Direct Link<br /><input type="text" size="30" value="http://aeterna.ulmb.com/uploader/images/' .$newname . '.jpg"><br /><br />Message Boards<br /><input type="text" size="30" value="[img=http://aeterna.ulmb.com/uploader/images/' . $newname . '.jpg]"><br /><br />Deletion link<br /><a href="http://aeterna.ulmb.com/uploader/delete.php?file=' . $newname . '">http://aeterna.ulmb.com/uploader/delete.php?file=' . $newname . '</a></center>'; } ?> <html> <head> <meta content="text/html;charset=iso-8859-1" http-equiv="Content-Type" /> <title>Image Uploader</title> </head> <body> <div align="center"> <?php if ($_REQUEST[completed] != 1) { ?> <h1>Image Uploader</h1> <form enctype=multipart/form-data method=post> <input type=hidden name=MAX_FILE_SIZE value=1500000> <input type=hidden name=completed value=1>Image: <input type=file name=mailfile value="Browse..."> <br /> <br /> <input type=submit value="Upload"> </form> <?php } ?> </div> </body> </html> delete.php <?php $file = $_GET['file']; if (!unlink("images/$file.jpg")) { echo "<center><h1>There was an error deleting your file ($file).</h1></center>"; } else { echo "<center><h1>Your file has been deleted upon request.</h1></center>"; } ?> Here's a live demo, as you can see anyone can delete any file (I just have it as the file name because I honestly can't think of ANY other way to do it. http://aeterna.ulmb.com/uploader/index.php Thanks in advance, ~Aeterna Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 No, you really have to add an account system first, and then employ a scheme that associates files with the user who uploads them. Quote Link to comment Share on other sites More sharing options...
Aeterna Posted May 11, 2011 Author Share Posted May 11, 2011 Hm, well if I was to do that is there any way to check if the image was uploaded by the logged in user? Quote Link to comment Share on other sites More sharing options...
gizmola Posted May 11, 2011 Share Posted May 11, 2011 Of course. Usually people will have a database table and when an image is uploaded they'll insert an entry into the table, with a column for the name and path of the uploaded file, the user_id of the user who uploaded it, and maybe a title, createdDate, etc.. People often find this table useful since you can easily offer views that sort by date or by user, or any combination that makes sense, and a database can do this efficiently even as a lot of images are added. Quote Link to comment Share on other sites More sharing options...
Aeterna Posted May 11, 2011 Author Share Posted May 11, 2011 Oh, I see. Well a friend of mine is letting me use his database from his forums and I'll go ahead and use the users that are registered. Thanks for the tips and insight, I'll be sure to use it! Thank you for all the help. :^D Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.