sagar_24 Posted September 20, 2017 Share Posted September 20, 2017 I want to delete files(Image File) with different extensions(like jpg,png) having same name. I don't know what's wrong My code seems alright. Here I'm taking the file name from HTML HTML: <a href="123.php?file=2"><button class="btn2">Delete File:2</button></a> PHP: <?php $base_directory = 'uploads/'; if(unlink($base_directory.$_GET['file*.*'])) echo "File Deleted."; ?> And I've even tried passing the extensions through HTML as well, which felt quite alright too. But didn't work at all Please shed some light on what seems to be the problem would appreciate it. HTML: <a href="123.php?file=2.jpg && file=2.png"><button class="btn2">Delete File:2</button></a> PHP: <?php $base_directory = 'uploads/'; if(unlink($base_directory.$_GET['file'])) echo "File Deleted."; ?> Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/ Share on other sites More sharing options...
ginerjm Posted September 20, 2017 Share Posted September 20, 2017 Not that I condone this style of coding but how about this: if(unlink($base_directory.$_GET['file'] . '*.*')) Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551627 Share on other sites More sharing options...
Solution requinix Posted September 20, 2017 Solution Share Posted September 20, 2017 I don't believe unlink() works with patterns, so glob + loop + unlink. Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551632 Share on other sites More sharing options...
sagar_24 Posted September 20, 2017 Author Share Posted September 20, 2017 Not that I condone this style of coding but how about this: if(unlink($base_directory.$_GET['file'] . '*.*')) Right when i saw this i was sure this is what i wanted unfortunately it didn't work thanks for replying though Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551647 Share on other sites More sharing options...
sagar_24 Posted September 20, 2017 Author Share Posted September 20, 2017 I don't believe unlink() works with patterns, so glob + loop + unlink. My first try was with glob but in my case glob wasn't able to locate the directory so i went ahead with this could you give me a link or example or glob similar to my case appreciate the reply Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551648 Share on other sites More sharing options...
Jacques1 Posted September 20, 2017 Share Posted September 20, 2017 This script will delete anything the user asks for as long as the webserver has permissions to do so. Since a lot of web applications are both running under and owned by the same webserver account, this means a user can probably wipe your entire document root – and maybe more. Do – not – trust – user – input. Do not let it anywhere near a file path, unless you've extensively validated the input and made sure it's harmless. Using GET requests to delete data is also a very bad idea, because this violates the HTTP protocol. GET is strictly for getting data (hence the name) and mustn't have any side effects. If you break that assumption, you quickly end up with accidental deletions due to page reloads, bookmarks etc. On top of that, your code is wide open to CSRF attacks, which means that more or less everybody can freely delete files on your server. Learn the basics of HTTP, especially the meaning of GET and POST. Understand that the WWW is a public infrastructure with a lot of hostile activity. Even if you think your website is restricted to a handful of users, that's not actually the case. The script you've shown can be attacked by anybody who has read a few Wikipedia articles. 1 Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551649 Share on other sites More sharing options...
sagar_24 Posted September 20, 2017 Author Share Posted September 20, 2017 This script will delete anything the user asks for as long as the webserver has permissions to do so. Since a lot of web applications are both running under and owned by the same webserver account, this means a user can probably wipe your entire document root – and maybe more. Do – not – trust – user – input. Do not let it anywhere near a file path, unless you've extensively validated the input and made sure it's harmless. Using GET requests to delete data is also a very bad idea, because this violates the HTTP protocol. GET is strictly for getting data (hence the name) and mustn't have any side effects. If you break that assumption, you quickly end up with accidental deletions due to page reloads, bookmarks etc. On top of that, your code is wide open to CSRF attacks, which means that more or less everybody can freely delete files on your server. Learn the basics of HTTP, especially the meaning of GET and POST. Understand that the WWW is a public infrastructure with a lot of hostile activity. Even if you think your website is restricted to a handful of users, that's not actually the case. The script you've shown can be attacked by anybody who has read a few Wikipedia articles. Thanks You so much for the info sir and as i'm a noob i'll surely understand security norms of http as time goes But for now this is just a college project that i'm working on and the real life implementation only requires the admin to make all changes that's the reason i'm not concerned with my script security here But i do appreciate the knowledge Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551654 Share on other sites More sharing options...
requinix Posted September 20, 2017 Share Posted September 20, 2017 My first try was with glob but in my case glob wasn't able to locate the directory so i went ahead with this could you give me a link or example or glob similar to my case appreciate the reply If you want an example then the documentation is a great place to look. Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551657 Share on other sites More sharing options...
Jacques1 Posted September 20, 2017 Share Posted September 20, 2017 But for now this is just a college project [...] If I got a dollar every time somebody says this, I would be a rich man. I don't know what kind of college is this, but my professors actually checked my work and would have immediately rejected a submission which doesn't even survive the most basic tests. This is not just wrong. It shows a fundamental misunderstand of programming basics. Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551658 Share on other sites More sharing options...
sagar_24 Posted September 20, 2017 Author Share Posted September 20, 2017 If I got a dollar every time somebody says this, I would be a rich man. I don't know what kind of college is this, but my professors actually checked my work and would have immediately rejected a submission which doesn't even survive the most basic tests. This is not just wrong. It shows a fundamental misunderstand of programming basics. Haha You'll be rich anyways. I know the college is too bad to care But this project is like a notice board to keep students updated so only the admin will have the ip or access to do it and so not to misunderstand any basics i'm using glob instead of get now Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551667 Share on other sites More sharing options...
sagar_24 Posted September 20, 2017 Author Share Posted September 20, 2017 If you want an example then the documentation is a great place to look. Thanks for the help Bud! Quote Link to comment https://forums.phpfreaks.com/topic/305059-delete-files-with-same-prefix-name-but-different-extensions-php/#findComment-1551668 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.