# Any php gurus here?



## Ping898 (Mar 30, 2007)

I am trying to write up a quick webpage that will all people to pick a file from a directory and delete it.  
Any suggestions?


----------



## Andrew Green (Mar 30, 2007)

Not sure I understand what you mean?

Downloads once and then deletes itself?


----------



## Ping898 (Mar 30, 2007)

No, they are doing a demo and uploading a file, but at the end of the demo they want to go and delete that file so they can upload it next time they demo, but I can't just erase all the files from the directory cause there are some dummy files in it to populate the webpage so they need to be able to choose the specific file to delete and I can't hard code the file to delete cause I was told it needed to be flexible.  So my thought is, shhow them all the files in the directory, have them click a button and that button deletes whatever files it is associated with.


----------



## Andrew Green (Mar 30, 2007)

I assume this isn't a public website then?  Letting people delete files as they please would be messy...

I'm just seeing security holes...  What type of file?  How is it being uploaded? Who is doing the demo?  Public or just internal?


----------



## Ping898 (Mar 30, 2007)

Yeah it is so internal I need a specific computer just to be able to access it.  Security is not a concern in this instance.  File would be a pdf or a doc.


----------



## Andrew Green (Mar 30, 2007)

uploaded by php or ftp?


----------



## Dave Leverich (Mar 30, 2007)

I haven't written one, but look up the unlink function at php.net, that should be the one you're looking for. Then I'd bring in the entire directory as an array, explode them on the '.' so that you can check the end .3 (aka .doc, .txt etc). Then do a for loop on the array to see how many things are in the directory, copy only the .pdf and .doc ones to a new array (so you don't have them deleting like the page they're working on etc).

Then, do the unlink part on those.

I won't belittle it, it's a good bit of programming and i haven't seen one out there as open source. (Or even seen one) but it can be done.


----------



## Andrew Green (Mar 30, 2007)

not hard at all if it doesn't need to be secure:


```
<?php
if($_GET['del'])
{
	$del = $_GET['del'];
	unlink($del);
}
$thisfile = $_SERVER['PHP_SELF'];
$d = dir(".");

while ($f = $d->read()) {
	$l = $thisfile . "?del=" . $f; 
   $page .= "<a href='$l'>$f</a> <br/>\n";
}
$d->close();

echo $page;
?>
```


----------



## Ping898 (Mar 31, 2007)

I've seen the unlink function, problem is I haven't been able to figure out how to make it dynamic to delete the specific file someone chooses.

Andrew I don't understand what your function is doing or how.....


----------



## Dave Leverich (Mar 31, 2007)

Ping, it would be used with fopen, you'd fopen the file based off of which they chose, then unlink that file (vape).

I think I would definitely incorporate a  'Are you certain you wish to permanently delete this file?' warning too hehe.

Best of luck.


----------



## Andrew Green (Mar 31, 2007)

```
<?php
if($_GET['del']) //if 'del' is passed with a file name, we want to delete that file.  ex. ____.php?del=test.txt -> delete test.txt
{
    $del = $_GET['del'];  // Grab it from the GET pass
    unlink($del);         // Delete the file
}
$thisfile = $_SERVER['PHP_SELF'];  // grabs the name of this file
$d = dir(".");  // $d is a class for extracting the contents of a directory (see below)

while ($f = $d->read()) {  // While there is another file to read, read it
    $l = $thisfile . "?del=" . $f;  // creates a link to this file + ?del= the file being listed
   $page .= "<a href='$l'>$f</a> <br/>\n";  // list the file as a link to delete itself.  clicking on the file deletes it
}
$d->close(); // when the loop is done, close the dir class off

echo $page;  // print the page
?>
```

The dir class is here: http://ca.php.net/manual/en/class.dir.php

Does that help?


----------



## Ping898 (Apr 2, 2007)

Thanks Andrew, I was able to get it.


----------



## mrhnau (Apr 12, 2007)

Somewhat related question... I've been working with a tutorial for uploading files using html/php. could you possibly spot the error? I've got these two codes... I'm trying to upload a file. The file is small (less than 100 bytes), I think its confused on where to put it. The tutorial I'm using says 





> *NOTE:* You will need to create a new directory in the directory where _uploader.php_ resides, called "uploads", as we are going to be saving files there.


I've tried giving just the directory as well as an explicit full path. Both are bombing on me... any idea what might be wrong?

upload.html

```
<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload File" />
</form>
```
uploader.php

```
<?php
$target_path = "uploads/";
/*$target_path = "/var/www/html/uploads/";*/
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path))
{
    echo "The file ".  basename( $_FILES['uploadedfile']['name']).
        " has been uploaded";
}
else
{
        echo "There was an error uploading the file, please try again!";
        echo $target_path;
}
?>
```


----------



## Andrew Green (Apr 12, 2007)

mrhnau said:


> I've tried giving just the directory as well as an explicit full path. Both are bombing on me... any idea what might be wrong?



Worked fine as is for me 

The way this is setup you need both those files in the same folder.

In that folder you also need another folder names "uploads" and that folder needs to be chmoded to 777.

Is that what you have?  Are you getting any error messages?


----------



## mrhnau (Apr 12, 2007)

Andrew Green said:


> Worked fine as is for me
> 
> The way this is setup you need both those files in the same folder.
> 
> ...


Dude, you are the bomb  I assume it would be ok to have chmod 722/766? I just hate giving X authority to anyone, or R if they don't need it.  I tried 766 and 722 and it worked. Is there any legitimate reason to give the directory 777? I assume you only need 766 if they are uploading?


----------



## Andrew Green (Apr 12, 2007)

Depends on what else you plan on happening.  But the folder definately needs to be writeable 

And you are write, allowing uploads and read/execute without any other testing of the file would be a rather large security hole 

You'll probably want to add some mime type tests in there as well, restrict this to only specific file types.


----------

