deleting a file

  • iochinome
  • Beginner
  • Beginner
  • iochinome
  • Posts: 42

Post 3+ Months Ago

hey guys, i want to be able to manage files on my site via php, so if i wanted do delete some useless php file or something, how would i go about that? i know how to upload with forms and all that... is it just the opposite? thanks
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • George L.
  • Bronze Member
  • Bronze Member
  • George L.
  • Posts: 2209
  • Loc: Malaysia

Post 3+ Months Ago

huh?

Just right click, and delete.
  • Prime
  • Professor
  • Professor
  • User avatar
  • Posts: 935
  • Loc: Liverpool

Post 3+ Months Ago

http://uk3.php.net/unlink

maybe what ur after :)
  • iochinome
  • Beginner
  • Beginner
  • iochinome
  • Posts: 42

Post 3+ Months Ago

so does that actually delete a file stored on my website or just some text file my website creates on the users pc for no reason? thanks
  • iochinome
  • Beginner
  • Beginner
  • iochinome
  • Posts: 42

Post 3+ Months Ago

oh okay i see i got it to work, the only problem i am having is it wont let me delete files not in the unlinking file's directory. how would i go about that? thanks
  • iochinome
  • Beginner
  • Beginner
  • iochinome
  • Posts: 42

Post 3+ Months Ago

something like this doesnt seem to work: (this appears in a file at http://www.domain.com/directory/file.php)

$myfile = "http://www.domain.com/deletingfile.html";
unlink($myfile);
  • Bogey
  • Genius
  • Genius
  • Bogey
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

Maybe this would help you?
  • iochinome
  • Beginner
  • Beginner
  • iochinome
  • Posts: 42

Post 3+ Months Ago

a bit complicated isnt it... so is there no way to jump up one level easily, because i know i have seen it somewhere... thanks
  • Bogey
  • Genius
  • Genius
  • Bogey
  • Posts: 8388
  • Loc: USA

Post 3+ Months Ago

iochinome wrote:
a bit complicated isnt it... so is there no way to jump up one level easily, because i know i have seen it somewhere... thanks

There is... have you tried the script I gave you? Here is an updated version of it...
PHP Code: [ Select ]
<?php
 function EditFiles() {
   $thisPage = basename($_SERVER['PHP_SELF']);
   echo '<div class="FileEditMenu">'."\n";
   echo '<p>Select which file to edit</p>'."\n";
   if(isset($_GET['dir']))
   {
    $dir = $_GET['dir'];
    if(preg_match_all('$.*[\/]+[\/]*$',$dir,$stick))
    {
      $cnt2 = strlen($stick[0][0]);
      $i = 1;
      foreach($stick[0] as $value)
      {
       $i++;
       if($i = 1)
       {
         echo '<p class="back"><a href="'. $thisPage .'?dir='. substr($value, 0, $cnt2-1) .'&amp;act=EditFiles">Go Back</a></p>'."\n";
       }
      }
    } else {
      echo '<p class="back"><a href="'. $thisPage .'?act=EditFiles">Go Back</a></p>'."\n";
    }
    foreach(new DirectoryIterator('../'. $dir) as $file)
    {
      if ((!$file->isDot()) && ($file->getFilename() != basename($_SERVER['PHP_SELF']))) {
       if($file->isDir())
       {
         echo '[DIR] <a href="'. $thisPage .'?dir='. $dir .'/'. $file->getFilename() .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
       } else {
         echo '<a href="'. $thisPage .'?file='. $dir .'/'. $file->getFilename() .'&amp;dir='. $dir .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
       }
      }
    }
   } else {
    foreach(new DirectoryIterator('..') as $file)
    {
      if ((!$file->isDot()) && ($file->getFilename() != basename($_SERVER['PHP_SELF']))) {
       if($file->isDir())
       {
         echo '[DIR] <a href="'. $thisPage .'?dir='. $file->getFilename() .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
       } else {
         echo '<a href="'. $thisPage .'?file='. $file->getFilename() .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
       }
      }
    }
   }
   echo '<p style="font-size: 12px;">[DIR] = Directory</p>'."\n";
   echo '</div>'."\n";
   
   $dir = '&amp;dir='. $_GET['dir'];
   if(isset($_GET['file']))
   {
    $filename = $_GET['file'];
    $fhandle = fopen('../'. $filename, "r+");
    if($fhandle && ('../'. $filename != basename($_SERVER['PHP_SELF'])))
    {
      $contents = file_get_contents('../'. $filename);
      echo 'Editing <strong>'. $filename .'</strong><br />'."\n";
      echo '<form action="'. $thisPage .'?file='. $filename . $dir .'&amp;act=EditFiles" method="post">';
      echo '<div>'."\n";
      $contents = htmlspecialchars($contents);
      echo '<textarea rows="36" cols="87.5" name="contents2">'. $contents .'</textarea><br />'."\n";
      echo '<input type="hidden" value="'. $filename .'" name="file" />'."\n";
      echo '<input type="submit" value="Save" name="Save" /> <input type="reset" value="Reset" name="reset" />';
      echo '</div>'."\n";
      echo '</form>'."\n";
      if(isset($_POST['Save']))
      {
       $contents2 = $_POST['contents2'];
       $filename = $_POST['file'];
       $write = file_put_contents('../'. $filename, $contents2);
       if($write)
       {
         echo '<div class="msg">'."\n";
         echo '<p>File successfully edited</p>'."\n";
         echo '</div>'."\n";
       } else {
         echo '<div class="msg">'."\n";
         echo '<p>Could not write the contents to file.</p>'."\n";
         echo '<textarea rows="30" cols="100">'. $contents2 .'</textarea><br />'."\n";
         echo '</div>'."\n";
       }
      }
      fclose($fhandle);
    } else {
      echo '<div class="msg">'."\n";
      echo '<p>Failed to open file. The problem could be because:</p>'."\n";
      echo '<ol>'."\n";
      echo '<li>You are trying to edit this file</li>'."\n";
      echo '<li>The file is a directory</li>'."\n";
      echo '<li>The file doesn\'t exist</li>'."\n";
      echo '</ol>'."\n";
      echo '</div>'."\n";
    }
   }
 }
  1. <?php
  2.  function EditFiles() {
  3.    $thisPage = basename($_SERVER['PHP_SELF']);
  4.    echo '<div class="FileEditMenu">'."\n";
  5.    echo '<p>Select which file to edit</p>'."\n";
  6.    if(isset($_GET['dir']))
  7.    {
  8.     $dir = $_GET['dir'];
  9.     if(preg_match_all('$.*[\/]+[\/]*$',$dir,$stick))
  10.     {
  11.       $cnt2 = strlen($stick[0][0]);
  12.       $i = 1;
  13.       foreach($stick[0] as $value)
  14.       {
  15.        $i++;
  16.        if($i = 1)
  17.        {
  18.          echo '<p class="back"><a href="'. $thisPage .'?dir='. substr($value, 0, $cnt2-1) .'&amp;act=EditFiles">Go Back</a></p>'."\n";
  19.        }
  20.       }
  21.     } else {
  22.       echo '<p class="back"><a href="'. $thisPage .'?act=EditFiles">Go Back</a></p>'."\n";
  23.     }
  24.     foreach(new DirectoryIterator('../'. $dir) as $file)
  25.     {
  26.       if ((!$file->isDot()) && ($file->getFilename() != basename($_SERVER['PHP_SELF']))) {
  27.        if($file->isDir())
  28.        {
  29.          echo '[DIR] <a href="'. $thisPage .'?dir='. $dir .'/'. $file->getFilename() .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
  30.        } else {
  31.          echo '<a href="'. $thisPage .'?file='. $dir .'/'. $file->getFilename() .'&amp;dir='. $dir .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
  32.        }
  33.       }
  34.     }
  35.    } else {
  36.     foreach(new DirectoryIterator('..') as $file)
  37.     {
  38.       if ((!$file->isDot()) && ($file->getFilename() != basename($_SERVER['PHP_SELF']))) {
  39.        if($file->isDir())
  40.        {
  41.          echo '[DIR] <a href="'. $thisPage .'?dir='. $file->getFilename() .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
  42.        } else {
  43.          echo '<a href="'. $thisPage .'?file='. $file->getFilename() .'&amp;act=EditFiles">'. $file->getFilename() .'</a><br />'."\n";
  44.        }
  45.       }
  46.     }
  47.    }
  48.    echo '<p style="font-size: 12px;">[DIR] = Directory</p>'."\n";
  49.    echo '</div>'."\n";
  50.    
  51.    $dir = '&amp;dir='. $_GET['dir'];
  52.    if(isset($_GET['file']))
  53.    {
  54.     $filename = $_GET['file'];
  55.     $fhandle = fopen('../'. $filename, "r+");
  56.     if($fhandle && ('../'. $filename != basename($_SERVER['PHP_SELF'])))
  57.     {
  58.       $contents = file_get_contents('../'. $filename);
  59.       echo 'Editing <strong>'. $filename .'</strong><br />'."\n";
  60.       echo '<form action="'. $thisPage .'?file='. $filename . $dir .'&amp;act=EditFiles" method="post">';
  61.       echo '<div>'."\n";
  62.       $contents = htmlspecialchars($contents);
  63.       echo '<textarea rows="36" cols="87.5" name="contents2">'. $contents .'</textarea><br />'."\n";
  64.       echo '<input type="hidden" value="'. $filename .'" name="file" />'."\n";
  65.       echo '<input type="submit" value="Save" name="Save" /> <input type="reset" value="Reset" name="reset" />';
  66.       echo '</div>'."\n";
  67.       echo '</form>'."\n";
  68.       if(isset($_POST['Save']))
  69.       {
  70.        $contents2 = $_POST['contents2'];
  71.        $filename = $_POST['file'];
  72.        $write = file_put_contents('../'. $filename, $contents2);
  73.        if($write)
  74.        {
  75.          echo '<div class="msg">'."\n";
  76.          echo '<p>File successfully edited</p>'."\n";
  77.          echo '</div>'."\n";
  78.        } else {
  79.          echo '<div class="msg">'."\n";
  80.          echo '<p>Could not write the contents to file.</p>'."\n";
  81.          echo '<textarea rows="30" cols="100">'. $contents2 .'</textarea><br />'."\n";
  82.          echo '</div>'."\n";
  83.        }
  84.       }
  85.       fclose($fhandle);
  86.     } else {
  87.       echo '<div class="msg">'."\n";
  88.       echo '<p>Failed to open file. The problem could be because:</p>'."\n";
  89.       echo '<ol>'."\n";
  90.       echo '<li>You are trying to edit this file</li>'."\n";
  91.       echo '<li>The file is a directory</li>'."\n";
  92.       echo '<li>The file doesn\'t exist</li>'."\n";
  93.       echo '</ol>'."\n";
  94.       echo '</div>'."\n";
  95.     }
  96.    }
  97.  }

Except it's made for editing files not deleting... you should be easily be able to update the script to fit your need...

//Sorry about those classed divs and p's and stuff... took it directly from my site...
  • trevHCS
  • Novice
  • Novice
  • trevHCS
  • Posts: 34
  • Loc: NW England, UK

Post 3+ Months Ago

The following applies to Linux servers running Apache, but I'd guess Windows and IIS is similar:


The problem with deleting files with PHP is that usually Apache runs as user "nobody" and so does PHP. This means it can only manage (edit/delete) files which have been either created by PHP or uploaded by PHP (or another process running as "nobody").

The unlink() command within PHP will usually be able to delete files as long as they come under the above criteria. If not then it'll issue an E_WARNING telling you it doesn't have permission.


If you're still having trouble, you might be able to supply the command:

$path_to_file = /home/username/public_html/file_to_delete.txt
shell_exec('rm -f ' . $path_to_file)

I'm pretty sure that'll run with a higher user type and it issues the command in the background just as if you'd run it from the command line. The "rm" removes the file and the "-f" tells it not to ask (since you can't hit "y").

If it comes to the crunch, in theory you should be able to issue either a Perl command but I can't remember off hand how you invoke Perl from the command line. Would need to look that up for you.


Just remember never accept user input relating to which file to delete as someone might supply something a little less than useful. The above won't delete root, well not unless you issue "rm -rf", but they could still delete an awful lot.

Trev
  • matrix14
  • Novice
  • Novice
  • matrix14
  • Posts: 15
  • Loc: Indonesia

Post 3+ Months Ago

Adds:

If deleting a file via "URL" path, make sure your server has file wrapper function enabled.

Post Information

  • Total Posts in this topic: 11 posts
  • Users browsing this forum: No registered users and 156 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.