Creating a file manager with PHP
(Page 3 out of 3)Deleting files
This is probably the easiest feature of our file manager, and all we have to do is check if the file exists (which we've already done in the previous features), and then delete the file using the unlink() function. This is the complete deleting script:
$path = 'G:\projects\PHPit\content\creating file system php\demos\upload\\';
// Get file
if (!isset($_GET['file'])) { die('Invalid File'); }
$file = $_GET['file'];
// Create file path
$filepath = $path . $file;
// Now check if there isn't any funny business going on
if ($filepath != realpath($filepath)) {
die('Security error! Please go back and try again.');
}
// Delete the file
unlink($filepath);
?>
Wrapping it all up
The only thing that still misses in our file manager is a way to view all the files that are uploaded. Thankfully, the code for this is very simply, and all we need to use is the inbuilt dir class that comes standard with PHP. The code below does exactly what we want:
$d = dir($path);
$files = array();
while (false !== ($file = $d->read())) {
if ($file == '.' OR $file == '..') continue;
$arr = array();
$arr['name'] = $file;
$arr['path'] = $d->path . $file;
$arr['size'] = filesize($arr['path']);
$files[] = $arr;
}
All the files that are in the upload directory have now been added to the $files array, and can be used to show a list, table, etc.
If you now combine all the code that I've given you in this tutorial, you get something like this: PHP Filemanager.
Click here to download the source of this script (You must change the upload directory, which can be changed in the uploadpath.php file).
Conclusion
In this tutorial I've shown you how to create a really simple file manager, which allows you to upload, edit, delete and download files. Of course this is a really simple example, and there are hundreds of other features you can add, like user accounts, private directories, password protected files, etc. The sky is the limit really.
One thing you should always think about is security. I've been hit by file security problems myself in the past, and you always have to make sure that your script doesn't inadvertently show the wrong file, as this could lead to serious exploits.
If you have any comments or questions on this tutorial, feel free to leave them in the comments below or join us at PHPit Forums.
January 23rd, 2006 at 1:31 pm
This is a really bad tutorial in a few ways:
* All files are uploaded in a directory accessible by the webserver, I can enter /upload on the live example and run my own php scripts.
* Magic quotes is probably enabled. So in the files ‘ will be converted to \’ . This is not really usefull for most files
January 23rd, 2006 at 2:47 pm
Now think about a file manager web 2.0. Using set of class like prototype.js … now that would be something wouldn’t it?.
January 23rd, 2006 at 4:20 pm
Evert: you are absolutely right, and I’ve fixed the problem, though this problem only exists in the demo. Normally, you would place the upload directory above the web root anyway.
As for the magic quotes problem; it’s a very easy fix.
Bocse: That would be pretty neat, and something to consider writing. Imagine what you could create with prototype.js, ajax, and more.
January 23rd, 2006 at 9:55 pm
[…] The second article is Creating a file manager with PHP. It treats the basics of uploading files and working with files in PHP (opening, editing, deleting files) […]
January 23rd, 2006 at 11:26 pm
Interesting article Dennis. I don’t agree with Evert, it’s not a bad tutorial. But it’s good you added the lines about security. The difficulty with tutorials like these is that you want to focus on one problem. Here, uploading/managing files. If you would add an explanation of every weak point of every script, each tutorial would be at least 20 pages. But nonetheless, a few warnings, even just a few lines is never bad. Looking forward to your next articles.
January 25th, 2006 at 9:19 pm
[…] var site=”s20phpit” « Previous Creating a file manager with PHP […]
January 26th, 2006 at 7:37 pm
[…] In a previous article I have posted a link to a PHPIt article: Creating a file manager with PHP. Now, PHPIt created the second tutorial in this series: Creating a SECURE file manager with PHP. It has all the information you need to secure your file manager made using the previous article. […]
June 22nd, 2006 at 6:05 pm
This is a great tutorial, however why does it not include the ability to access different folders in a directory? Do I need to change something in the code? Maybe I am just overlooking something. If someone could help me I would greatly apreciate it.
August 5th, 2006 at 11:24 pm
This is a great tutorial. You can add some AJAX to show the Progress bar to the user. Keep it up..
August 16th, 2006 at 4:22 am
I have problem in viewing encryted image file to view in IE6 SP1. just the images doesnt render properly while the other type (like pdf) doesnt have any error.
is it IE setting? IE really sucks at all time.