Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 364
  • Last Modified:

PHP Delete record and related image in folder

Dear Experts,

I have a custom built CMS, part of which allows images to be uploaded. I have built my CMS using Dreamweaver. When images are uplaoded, they have an entry inserted in an 'images' table on my DB as well as being uploaded to a folder.

I have a simple 'Delete Record' script that allows images to be deleted from the DB but I need it expanded to delete the actual image in the folder as well.

----------------------------------------------------------------------------------------------------------
The images table is as follows:
----------------------------------------------------------------------------------------------------------
image_ID (pk)
image_desc
image_path
item_ID
----------------------------------------------------------------------------------------------------------
The Delete Script :
----------------------------------------------------------------------------------------------------------
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

if ((isset($_GET['img_ID'])) && ($_GET['img_ID'] != "")) {
  $deleteSQL = sprintf("DELETE FROM images WHERE img_ID=%s",
                       GetSQLValueString($_GET['img_ID'], "int"));

  mysql_select_db($database_mphillips, $mphillips);
  $Result1 = mysql_query($deleteSQL, $mphillips) or die(mysql_error());

  $deleteGoTo = "confirm_delImg.php?item_ID=" . $_GET['item_ID'] . "";
  if (isset($_SERVER['QUERY_STRING'])) {
    $deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
    $deleteGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $deleteGoTo));
}
?>
----------------------------------------------------------------------------------------------------------

I know there is a way, but my knowledge fails me. Any help appreciated.
0
MariusGM
Asked:
MariusGM
  • 6
  • 5
2 Solutions
 
steelseth12Commented:
This should work.

if ((isset($_GET['img_ID'])) && ($_GET['img_ID'] != "")) {
  $deleteSQL = sprintf("DELETE FROM images WHERE img_ID=%s",
                       GetSQLValueString($_GET['img_ID'], "int"));

  mysql_select_db($database_mphillips, $mphillips);
 
  $get_img_path = mysql_query("SELECT image_path FROM images WHERE img_ID=".GetSQLValueString($_GET['img_ID'], "int"));
 
  list($img_path) = mysql_fetch_row($get_img_path);
 
  unlink($img_path);
 
  $Result1 = mysql_query($deleteSQL, $mphillips) or die(mysql_error());

  $deleteGoTo = "confirm_delImg.php?item_ID=" . $_GET['item_ID'] . "";
  if (isset($_SERVER['QUERY_STRING'])) {
    $deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
    $deleteGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $deleteGoTo));
}

Note:
Above you state that the primary key is image_ID but in the script you use img_ID, i used img_ID
0
 
MariusGMAuthor Commented:
Hi steelseth12, that looks perfect. Your right, the pk is img_ID. Typo in the question.

One question I have regarding the unlink of the path. Does the path have to be absolute or relative or what?

As it stands within the DB, paths are stored as (../assets/images/someimage.jpg)
0
 
steelseth12Commented:
it doesn't matter if its absolute or relative as long as it is accessible from the script.


for the script to work for ../assets/images/someimage.jpg it means that it is located in a directory on the same level as assets.


0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
MariusGMAuthor Commented:
Sorry buddy, doesn't seem to work. The script is in a folder on the same level. I have ensured the folder permissions are set to 0777. But still no joy.
0
 
steelseth12Commented:
is the script included from another file ?
0
 
MariusGMAuthor Commented:
No, the page is requested directly through a link i.e. del_img.php?img_ID=123
0
 
steelseth12Commented:
do you get any errors ?
0
 
MariusGMAuthor Commented:
No errors. The record is deleted and $deleteGoTo is performed. but the file still exists on the server.
0
 
steelseth12Commented:
comment out the header so we can see the error.

#  header(sprintf("Location: %s", $deleteGoTo));
0
 
MariusGMAuthor Commented:
Ok, I've done what you you have suggested.

del_img.php does not redirect and stays but no error message appears. Source code is blank. Record is deleted, file remains.
0
 
JagermonsterCommented:
ok i dont know if i understand correctly but do you have the image saved in a folder, and then just the link to the image saved in the database?
if that is the case, then you successfully remove the link in the database, but the file is still in the folder?
do you have the filename saved in the db, you must then after the query was performed use
unlink("image_name.jpg");
this is how you delete files, with the filename using php.
put this line just after where the query was performed in your confirm_delImg.php file
0
 
steelseth12Commented:
if the unlink() function diesnt find the file specified it should give out a warning.
Put

error_reporting(E_ALL);
ini_set("display_errors","on");


on the beginning of the file.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now