FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Connected to another part of a php script.





cr3ativ3
Ok this is probably a really stupid question but I am asking it couldn't find anything about it using google probably cause I was searching the wrong thing.

I am trying to use a link in html to link to another part of a php file. I have a script displaying a directory and using looping to show the pages in the directory but I am trying to have it where when the press a image link in that loop it goes to another part of that script that contains another web page which carry's out the delete.

Here is an example of my code:

Code:

<?php

// path to the folder listed - can be full path
//$path = "/var/www/html/";
//or relative path
$path = "./";

// Open the folder for display
$dir_handle = @opendir($path) or die("Unable to open $path");

// Loop through the files
while (false !== ($file = readdir($dir_handle))) {
    // do not display current file
    if($file == "opendir.php")
    continue;
   if($file == "FCKeditor")
    continue;
   if($file == "userdata")
    continue;
   if($file == "images")
    continue;
   if($file == ".")
    continue;
   if($file == "..")
    continue;
    // Display file links
    echo "<table border=\"0\" width=\"100%\">";
   echo "<tr><td><a href=\"$file\"><img src=\"images/file.PNG\" border=\"0\"></a> <a href=\"$file\">$file</a></td><td width=\"16\" height=\"16\"><img src=\"images/view.PNG\" border=\"0\"></td><td width=\"16\" height=\"16\"><img src=\"images/edit.PNG\" border=\"0\"></td><td width=\"16\" height=\"16\"><a href=\"!!Delete!!\"><img src=\"images/delete.PNG\" border=\"0\"></a></td></tr>";
   echo "</table>";
}

// Close directory
closedir($dir_handle);

!!Delete!!
unlink($file);
echo "<html><body>File Succesfully Deleted</body></html>"
else echo "<html><body>Unable To Delete File</body></htm>"
?>


I know there is probably some syntax errors in that. But thats what I am trying to do I am trying to link !!Delete!! in the link in the loop to the !!Delete!! part of the script.

Also if there is a way of putting the php script right in the link I would rathe r do that like this:

Code:
<?php

// path to the folder listed - can be full path
//$path = "/var/www/html/";
//or relative path
$path = "./";

// Open the folder for display
$dir_handle = @opendir($path) or die("Unable to open $path");

// Loop through the files
while (false !== ($file = readdir($dir_handle))) {
    // do not display current file
    if($file == "opendir.php")
    continue;
   if($file == "FCKeditor")
    continue;
   if($file == "userdata")
    continue;
   if($file == "images")
    continue;
   if($file == ".")
    continue;
   if($file == "..")
    continue;
    // Display file links
    echo "<table border=\"0\" width=\"100%\">";
   echo "<tr><td><a href=\"$file\"><img src=\"images/file.PNG\" border=\"0\"></a> <a href=\"$file\">$file</a></td><td width=\"16\" height=\"16\"><img src=\"images/view.PNG\" border=\"0\"></td><td width=\"16\" height=\"16\"><img src=\"images/edit.PNG\" border=\"0\"></td><td width=\"16\" height=\"16\"><a href=\"unlink($file)\"><img src=\"images/delete.PNG\" border=\"0\"></a></td></tr>";
   echo "</table>";
}

// Close directory
closedir($dir_handle);
?>
hexkid
No, you cannot link to another part of a php file.
A PHP script never waits for user interaction (*); most PHP scripts finish even before the page is displayed in the browser. When a user clicks a link to a PHP script, that script will always start from the beginning.

What you can do is perform different actions depending on parameters:
http://example.com/test.php?action=delete&what=/
http://example.com/test.php?action=download&what=/var/www/html/foobar.zip
http://example.com/test.php?action=showimg&what=/var/www/img/photo6432.jpg

ATTENTION: NEVER TRUST USER INPUT!!
The user input in those URLs are the "action" and the "what".

So your !!Delete!! link should be something like
<a href="test.php?action=delete&what=$file"><img src="images/delete.PNG"></a>
But remember the users can change the URL and delete, for instance, index.php
http://example.com/test.php?action=delete&what=../index.php

and your script could start with
Code:
<?php
if isset($_GET['action']) {
  switch (strtolower($_GET['action'])) {
    case 'delete' : do_delete(@$_GET['what']); break;
    case 'download' : do_download(@$_GET['what']); break;
    case 'showimg' : do_showimg(@$_GET['what']); break;
    default : break;
  }
}

// your code to list files in a path

// do_something() functions
function do_delete($file) {
  ###
  ### DO NOT DO THIS. IT IS EXTREMELY UNSAFE
  ### USER CAN DELETE ANYTHING THE WEBSERVER
  ### HAS ACCESS TO
  ### YOU ALWAYS NEED TO VALIDATE ALL USER INPUT
  ###
  return unlink($file);
}
?>



(*) Unless you're an experienced programmer doing something not directly web-related.
cr3ativ3
Ok, Thanks so much but I am a little confused with the script so you don'
t want me to add the:

Code:
###
  ### DO NOT DO THIS. IT IS EXTREMELY UNSAFE
  ### USER CAN DELETE ANYTHING THE WEBSERVER
  ### HAS ACCESS TO
  ### YOU ALWAYS NEED TO VALIDATE ALL USER INPUT
  ###
  return unlink($file);
}


or do you. I am thank-full you told me about the securness of using unlink() because I am creating a web site editor (browser based).

I am not sure if unlink needs 777 permission because if it did I was just going to make all the files that don't need to be 777 to be something like 644.
hexkid
cr3ativ3 wrote:
so you don't want me to add [ the code ] or do you.

Not as I've written it. It desperately needs validation!

cr3ativ3 wrote:
I am not sure if unlink needs 777 permission because if it did I was just going to make all the files that don't need to be 777 to be something like 644.

That might work. Or (even better, do that and) validate in the do_delete() function

Code:
function do_delete($file) {
  if ($file == '') return false; /* do nothing for empty file names */
  if (strpos($file, '/') !== false) return false; /* do nothing for file names with a slash in them */
  if (strpos($file, '..') !== false) return false; /* do nothing for file names with ".." in them */
  if ($file{0} == '.') return false; /* do nothing for file names starting with a period */
  if (substr_count($file, '.') != 1) return false; /* do nothing for files without a period, or with two or more periods */
  // etc, etc, etc

  // now you can delete it
  return unlink($file);
}
Related topics
Phoenix free PHP scripts
error in my PHP script
how can i make a php script for enter username and password?
Inserting data to MYSQL with a PHP script
Running a "Hello World" php script
[PHP] Running Cron Jobs Via PHP Script
Simple PHP script not working
PHP Script- How can we install it
I need a VERY simple php script
PHP Script needed
another simple php request
Logging systeem php script
PHP Script Needed for 250 frih$
How to send an email from a PHP script?
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.