[SOLVED] Cookie/GET help

LemonInflux · September 2, 2007

OK, I'm doing an image hoster, as many of you know, and I've been trying for a number of days to get a delete function working. The problem is, I can't get the delete.php page to actually do anything. So, I changed my method of deleting from a link next to each picture to a checkbox system. Here's the code that shows all the directory's files with the checkboxes next to them:

<?
$handle = @opendir($f_user);

if(!empty($handle))
{
while(false !== ($file = readdir($handle)))
{
if(is_file($f_user . "/" . $file))
echo '<a href="'. $f_user .'/'. $file .'">'. $file .'</a><input type=checkbox name="'.$file.'" value="delete"><br><br>';
}
}

closedir($handle);
?>

What I want to know is, when the user clicks 'delete selected' (not shown in above code), how do I get said files to delete? I can't say 'unlink(filename);' because filename is $file, and due to the loop, $file applies to everything. Soo, how do I define the checkboxes to unlink? I've been told cookies are one method, but I can't figure out how to do them, and also that I could use GET, although I'm equally as stuck on that, because I'm not submitting any real information, therefore I can't do anything with it, so I'd have to 'GET' the file from the URL. If you want to see a working example:

http://www.reflexprojects.net/rs/upload/secure_page.php - Username: test, Password: test

TheFilmGod · September 2, 2007

Sure you can use get. Its actually rather easy.

This is what I would do. I'm a bit confused what you want to do, but I'll give it a shot.

url: website.com/delete.php?id=4

<?php

$id = $_GET['id'];

$directory = "files/images/"; // directory to all images

$ext = "jpg"; //extension of image

$file = "$id.$ext"; // uses the id of the image and adds a dot and the extension

unlink ($directory . $file);

?>

The problem would happen when $ext is different for every file. You would then have to create a database driven thing, so once a user uploads a file you use php to get the extension of that file and put it in a column. Then use select mysql function and mysql_fetch_assoc to get the extension...

And then it should work!!

LemonInflux · September 2, 2007

I'm not using any mysql, and I'm not sure how to set Id's. The name of the cb is the name of the file.

Fadion · September 2, 2007

Instead of an id pass the filename in the url. It may be a security concern so a better way would be to pass it encrypted. Ex:

$urlVar = md5('filename.jpg');
echo "<a href=\"page.php?delete={$urlVar}\" />

$fileURL = $_GET['delete'];
//loop through the file
    if($fileURL = md5($file)){ //where $file is the filename got from the folder
        unlink($file);
    }
//loop end

TheFilmGod · September 2, 2007

Instead of an id pass the filename in the url. It may be a security concern so a better way would be to pass it encrypted. Ex:
$urlVar = md5('filename.jpg');
echo "<a href=\"page.php?delete={$urlVar}\" />
$fileURL = $_GET['delete'];
//loop through the file
    if($fileURL = md5($file)){ //where $file is the filename got from the folder
        unlink($file);
    }
//loop end

How code it be a security risk if only an adminstrator has the right to access the delete.php otherwise it throughs a 403 Forbidden? I mean seriously, don't do any extra work when not necessary.

Fadion · September 2, 2007

How code it be a security risk if only an adminstrator has the right to access the delete.php otherwise it throughs a 403 Forbidden? I mean seriously, don't do any extra work when not necessary.

I didnt know that and i still cant read it somewhere. If it is really for the admin back end then yeah u really dont need such fancy stuff, but otherwise consider it.

LemonInflux · September 2, 2007

That didn't work.

LemonInflux · September 2, 2007

ok, I've got a url like

http://www.reflexprojects.net/rs/upload/delete.php?delete=file.png

but I can't GET it on the next page. I think the confusion is that the images are stored in a folder (which is named whatever the user's username is).

TheFilmGod · September 2, 2007

You need to do preliminary planning. Because:

1) Not smart to create a folder for each user

2) Can't use the GET in an easy way if each image is named something different (instead name by ids, like I said before)

3) Need to use Mysql to store image title and extension details

LemonInflux · September 2, 2007

1) why not? Look at CuteNews

2) "

3) "

TheFilmGod · September 2, 2007

1) why not? Look at CuteNews

2) "

3) "

Well then don't listen to me. I'm just trying to help.

Second of all, I did a similar project to what you are doing LAST NIGHT. Instead of images it was documents.

I used mysql and had each document auto increment.

You can scratch off number 1 since I didn't do different users. But it was still very similar. The reason you use mysql is because when you want to delete a file already on the server, you can't easily get the extension of the name by simply knowing the id of the file. So you bring it from the mysql and update the extension after you upload a new image. You also use a database for title, author details, and all that jazz.

FINALLY, you MUST name images by auto increment to show all image links on one page:

// Select whole table
$result = mysql_query("SELECT * FROM docs");

// Echo preliminary html
echo "<ul>";

// Initiate Loop
while ( $row = mysql_fetch_assoc( $result )) {

$id_page = $row['id'];
$title = $row['title'];

// Echo the results
echo "<li><a href=\"doc.php?id=$id_page\">$title</a></li>";

// Echo ending html
echo "</ul>";

}

I can give you a link to what I created last night. Its already on the internet and it would be a good start for your project. Reply back and I'll pm you.

LemonInflux · September 2, 2007

I don't want mySQL o_O

TheFilmGod · September 2, 2007

well than good luck getting this thing to work. Its going to be hard. Super hard. Super super hard.

LemonInflux · September 2, 2007

It's been done.

LemonInflux · September 3, 2007

Anyone going to help, or just discourage me?

LemonInflux · September 3, 2007

bump

madspof · September 3, 2007

Lemonflux i have sent you an emai lcontaining the code you need and also i have personal tested it if you need anymore help i will be watching this thread

madspof · September 3, 2007

Lemonflux i have sent you an email containing the code you need and also i have personaly tested it. If you need anymore help i will be watching this thread

Sign In

[SOLVED] Cookie/GET help

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information