Delete.php file, along with deletion of record in the database, by getting the name of the.php file by a variable

Asked

Viewed 176 times

-1

Hey there, guys! I have a registration with id, title, date and event, in the database, so, when making a new registration, the person fills only the title and date, and the "event" field is automatically filled with the "title" that the person wrote, plus ". php".

Then a new page is created with the same title name and extension. php, which is accessed in a calendar, so that the registered date becomes a link to such a new page created.

Then I created a list of the database data, with a delete button. However, I cannot, by pressing this same button, delete the.php file related to that id that will be deleted from the database together.

the record is listed in admin.php, where there is the delete button:

<!--EXCLUIR EVENTO-->
<?php

$resgatando_dados = $pdo->prepare("SELECT * FROM eventos ORDER BY data ASC");
$resgatando_dados->execute();
echo '
<table border="1" width="100%">
<tr id="cabecalhotabelalistar";>
<td>Id</td>
<td>Título</td>
<td>Data</td>
<td>Encontro</td>
<td>Excluir</td>
</tr>
';

foreach($resgatando_dados as $apresenta_dados):
echo ' 
<tr>
<td> '.addslashes(trim(strip_tags($apresenta_dados['id']))).'</td>
<td> '.addslashes(trim(strip_tags($apresenta_dados['titulo']))).'</td>
<td> '.addslashes(trim(strip_tags($apresenta_dados['data']))).'</td>
<td> '.addslashes(trim(strip_tags($apresenta_dados['encontro']))).'</td>
<td><a href="deletar_dados.php?id='.addslashes(trim(strip_tags($apresenta_dados['id']))).'">Excluir</a></td>
</tr>
';
endforeach;
echo '</table>';

?>

And the php file "deletar_data" is this:

<?php
include 'conexao.php';
?>
<html>
<head>
<meta charset="UTF-8">
</head>

<body>

<?php

$id = strip_tags($_GET['id']);



$encontro = $_GET['encontro'];
unlink ('encontros/'.'$encontro');



$deletando_dados = $pdo->prepare("DELETE FROM eventos WHERE id = '$id'");
$deletando_dados->execute();



if($deletando_dados):
echo '<script>alert("Evento excluído")</script>';
//echo '<script>window.location="admin.php"</script>';

else:
echo '<script>alert("Não foi possível excluir o evento")</script>';
endif;
?>

</body>
</html>

*Obs: the file to be deleted is in a folder inside the folder where are the files displayed here ( hence the unlink ('encounters/'. '$encounter'); ).

whereas this is a problem that articulates several frequent questions, adding deleted files in another folder, with automatic deletion along with the database data, and whose name is obtained by means of a variable, I think the solution will be useful for many people.

1 answer

1


The variable $_GET['encontro'] is the type null, so you are not finding the file and deleting it.

You need to add it as a URL parameter.

<td><a href="deletar_dados.php?id='.urlencode($apresenta_dados['id']).'&encontro='.urlencode($apresenta_dados['encontro']).'">Excluir</a></td>

However, the ideal is to do some validations before: check if you are allowed to do this; search the name of the file in the database instead of passing it as parameter etc.

When you stop this information without validating, give margins for a person to remove whichever file from your server.

  • Oops! It’s better! Thank you, Valdeir! But something else is wrong with my code that I hadn’t noticed... Now the following message appears: "Warning: unlink(encounters/$encounter): No such file or directory in C: wamp64 www admin calendar deletar_data.php on line 19" When I directly put the page name.php to be deleted, I get... the deletion happens to the file that is inside the "encounters" folder, which is a folder inside the folder where the other files are. But when I delete through the variable, then this error arises. any suggestions there?

  • @A.Goes is because you are passing the variable between single quotes. The correct is unlink ('encontros/'.$encontro);

  • That’s right! I was looking at it right now... pardon the gaffe. And thank you so much for the quick help!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.