ASPit - Totally ASP JSit - Totally JavaScript
Search PHPit

Use this textbox to search for articles on PHPit. Seperate keywords with a space.


Creating a file manager with PHP

(Page 3 out of 3)

Deleting files

This is probably the easiest feature of our file manager, and all we have to do is check if the file exists (which we've already done in the previous features), and then delete the file using the unlink() function. This is the complete deleting script:

$path = 'G:\projects\PHPit\content\creating file system php\demos\upload\\';

// Get file
if (!isset($_GET['file'])) { die('Invalid File'); }
$file = $_GET['file'];

// Create file path
$filepath = $path . $file;

// Now check if there isn't any funny business going on
if ($filepath != realpath($filepath)) {
        die('Security error! Please go back and try again.');

// Delete the file


Wrapping it all up

The only thing that still misses in our file manager is a way to view all the files that are uploaded. Thankfully, the code for this is very simply, and all we need to use is the inbuilt dir class that comes standard with PHP. The code below does exactly what we want:

// Get files in directory
$d = dir($path);
$files = array();
while (false !== ($file = $d->read())) {
        if ($file == '.' OR $file == '..') continue;
        $arr = array();
        $arr['name'] = $file;
        $arr['path'] = $d->path . $file;
        $arr['size'] = filesize($arr['path']);

        $files[] = $arr;

All the files that are in the upload directory have now been added to the $files array, and can be used to show a list, table, etc.

If you now combine all the code that I've given you in this tutorial, you get something like this: PHP Filemanager.

Click here to download the source of this script (You must change the upload directory, which can be changed in the uploadpath.php file).


In this tutorial I've shown you how to create a really simple file manager, which allows you to upload, edit, delete and download files. Of course this is a really simple example, and there are hundreds of other features you can add, like user accounts, private directories, password protected files, etc. The sky is the limit really.

One thing you should always think about is security. I've been hit by file security problems myself in the past, and you always have to make sure that your script doesn't inadvertently show the wrong file, as this could lead to serious exploits.

If you have any comments or questions on this tutorial, feel free to leave them in the comments below or join us at PHPit Forums.

« Previous: Streaming & Editing

10 Responses to “Creating a file manager with PHP”

  1. Evert Says:

    This is a really bad tutorial in a few ways:

    * All files are uploaded in a directory accessible by the webserver, I can enter /upload on the live example and run my own php scripts.
    * Magic quotes is probably enabled. So in the files ‘ will be converted to \’ . This is not really usefull for most files

  2. Bocse L Filip Says:

    Now think about a file manager web 2.0. Using set of class like prototype.js … now that would be something wouldn’t it?.

  3. Dennis Pallett Says:

    Evert: you are absolutely right, and I’ve fixed the problem, though this problem only exists in the demo. Normally, you would place the upload directory above the web root anyway.

    As for the magic quotes problem; it’s a very easy fix.

    Bocse: That would be pretty neat, and something to consider writing. Imagine what you could create with prototype.js, ajax, and more.

  4. Piku’s PHP Blog » PHPit articles Says:

    […] The second article is Creating a file manager with PHP. It treats the basics of uploading files and working with files in PHP (opening, editing, deleting files) […]

  5. Matthijs Says:

    Interesting article Dennis. I don’t agree with Evert, it’s not a bad tutorial. But it’s good you added the lines about security. The difficulty with tutorials like these is that you want to focus on one problem. Here, uploading/managing files. If you would add an explanation of every weak point of every script, each tutorial would be at least 20 pages. But nonetheless, a few warnings, even just a few lines is never bad. Looking forward to your next articles.

  6. PHPit - Totally PHP » Creating a SECURE file manager with PHP Says:

    […] var site=”s20phpit” « Previous Creating a file manager with PHP […]

  7. Piku’s PHP Blog » Creating a SECURE file manager with PHP Says:

    […] In a previous article I have posted a link to a PHPIt article: Creating a file manager with PHP. Now, PHPIt created the second tutorial in this series: Creating a SECURE file manager with PHP. It has all the information you need to secure your file manager made using the previous article. […]

  8. Tyler Says:

    This is a great tutorial, however why does it not include the ability to access different folders in a directory? Do I need to change something in the code? Maybe I am just overlooking something. If someone could help me I would greatly apreciate it.

  9. Moses Says:

    This is a great tutorial. You can add some AJAX to show the Progress bar to the user. Keep it up..

  10. Levi Says:

    I have problem in viewing encryted image file to view in IE6 SP1. just the images doesnt render properly while the other type (like pdf) doesnt have any error.

    is it IE setting? IE really sucks at all time.

Leave a Reply

About the author
Dennis Pallett is the main contributor to PHPit. He owns several websites, including ASPit and Chill2Music. He is currently still studying.
Article Index
  1. Uploading files
  2. Streaming & Editing
  3. Deleting & Wrap-up
Bookmark Article
Download Article
Download this article as a PDF file