Reputation: 759
Button to delete a file using php
I have a php loop which displays all of the files in a directory:
<?php
// Define the full path to your folder from root
$filepath = 'castlewp/cv/'; // The place the files will be uploaded to.
$path = $_SERVER['DOCUMENT_ROOT'] . $filepath;
// Open the folder
$dir_handle = @opendir($path) or die("Unable to open $path");
// Loop through the files
while ($file = readdir($dir_handle)) {
if($file == "." || $file == ".." || $file == "index.php" || $file == ".htaccess" || $file == ".htpasswd" )
continue;
echo "<li><a href=\"$file\">$file</a></li>";
}
// Close
closedir($dir_handle);
?>
I am trying to find a way of adding a button next to each file which will delete the file. I have been playing around with php unlink but so far I have only been able to delete all of the files whenever a person accesses the script, this isn't what I want.
As far as I can tell this is a fairly simple thing to add but my knowledge of PHP is minor so any suggestions would be appreciated.
Upvotes: 0
Views: 3675
Answers (3)
Reputation: 100
Create another script and pass the file name to it by GET parameters and in your current file add something like:
if($file == "." || $file == ".." || $file == "index.php" || $file == ".htaccess" || $file == ".htpasswd" )
continue;
echo "<li><a href=\"$file\">$file</a></li>";
echo "<a href=\"delete.php?f={$file}\">Delete</a>";
Then in your delete.php file copy some of your existing code and modify it to delete the file:
$filepath = 'castlewp/cv/'; // The place the files will be uploaded to.
$path = $_SERVER['DOCUMENT_ROOT'] . $filepath;
if(empty($_GET['f']))
exit();
$file = str_replace(array('/', '..'), '', $_GET['f']);
$filePath = realpath($path.$file);
if($filePath !== FALSE)
unlink($filePath);
Consider this all as an example. You still have to add some security, but I think it is a start point.
Upvotes: 1
Reputation: 2332
First of all: format your code properly. I suggest you to use spacing and/or extra brackets to make your code more readable. The continue statement is the only one executed when the if condition is met, but your source formatting don't make think so.
You forgot also <ul> or <ol> tag for your list. Check W3C standards for lists.
A simple implementation is based on a element with a submit button. This is plain html. Insert your
Generate this (or similar) html:
<form action="myfilemanager.php" method="post" name"=formfilemanager">
<ul>
<li>filename1.dat <input type="submit" name="filename1.dat" value="delete"/></li>
<li>filename2.dat <input type="submit" name="filename2.dat" value="delete"/></li>
....
</ul>
</form>
When you press on "delete" button for filename2.dat, you'll find some parameters on $_POST global:
filename2.dat=delete
If you cycle $_POST array like this
foreach($_POST as $k=>$v) {
if($v=='delete') {
// $k contains the file name to delete
// SANITIZE you input, remove '..','%', whatever
$k=str_replace(array('%','|','/','..'),'',$k);
unlink($filepath.$k);
}
}
Upvotes: 1
Reputation: 1143
try, NOTE: you have to fix the url in the li tag to match your url
<?php
// Define the full path to your folder from root
$filepath = 'castlewp/cv/'; // The place the files will be uploaded to.
$path = $_SERVER['DOCUMENT_ROOT'] . $filepath;
// check if a file is send via GET variable
if (isset($_GET['file'])) {
$fullpath = $path.$file;
// check if file exists
if(file_exists($fullpath)) {
unlink($fullpath);
} else {
// add some error handling here
}
}
// Open the folder
$dir_handle = @opendir($path) or die("Unable to open $path");
// Loop through the files
while ($file = readdir($dir_handle)) {
if($file == "." || $file == ".." || $file == "index.php" || $file == ".htaccess" || $file == ".htpasswd" )
continue;
echo "<li><a href=\"yoururl?file=$file\">$file</a></li>";
}
// Close
closedir($dir_handle);
?>
Upvotes: 1