Unlink() ???

AndrewH

Now I'm trying to get an "unlink()" command working. The form gives me the data that is in the SQL record, which I want to appear so that the user can confirm that they are deleting the correct record. However, I want to "delete" the file from the directory on the server. I put a "onclick="<?PHP unlink("$FileLoc"); ?> at the "confirm" button. $FileLoc is the row in the SQL DB where it records where to find the file on the server. Code:

<form action="<?php echo $editFormAction; ?>" method="POST" name="UpdateRecord" class="MainText" id="UpdateRecord">
                <p align="center" class="Header2">Confirm Delete </p>
                <div align="center">
                  <table width="400" border="0">
                    <tr>
                      <td class="MainText">File ID: </td>
                        <td class="MainText"><?php echo $row_FileUpdate['FileID']; ?>
                        <input name="FileID" type="hidden" value="<?php echo $row_FileUpdate['FileID']; ?>"></td>
                      </tr>
                    <tr>
                      <td class="MainText">File Name: </td>
                        <td class="MainText"><?php echo $row_FileUpdate['FileName']; ?>
                        <input name="FileName" type="hidden" value="<?php echo $row_FileUpdate['FileName']; ?>"></td>
                      </tr>
                    <tr>
                      <td class="MainText">File Location: </td>
                        <td class="MainText"><?php echo $row_FileUpdate['FileLoc']; ?></td>
                      </tr>
                    <tr>
                      <td class="MainText">File Updated: </td>
                        <td class="MainText"><?php echo $row_FileUpdate['FileUpdate']; ?></td>
                      </tr>
                    <tr>
                      <td class="MainText">User Name: </td>
                        <td class="MainText"><?php echo $row_FileUpdate['DBUser']; ?></td>
                      </tr>
                    <tr>
                      <td class="MainText">&nbsp;</td>
                        <td class="MainText"><label>
                          <input name="Submit" type="submit" class="button" onClick="<?PHP unlink("$FileLoc"); ?>" tabindex="6" value=" Confirm ">
                          </label>
                          <label>
                          <input name="Submit2" type="reset" onClick="history.back(-1)" class="button" tabindex="7" value=" Reject ">
                        </label></td>
                      </tr>
                  </table>
                </div>
                <div align="center">
                  <input type="hidden" name="MM_update" value="UpdateRecord">
                  </div>
              </form>

Any suggestions?

devinemke

you are getting confused between client-side and server-side programming. onclick is a client-side even handler. it is run entirely within the browser before the form data is submitted to the server. you cannot call a PHP function there as PHP has no idea about the form data. if you wish to delete a file as part of your form submission then this must be done in the server-side form processing code.

AndrewH

devinemke wrote:
you are getting confused between client-side and server-side programming. onclick is a client-side even handler. it is run entirely within the browser before the form data is submitted to the server. you cannot call a PHP function there as PHP has no idea about the form data. if you wish to delete a file as part of your form submission then this must be done in the server-side form processing code.

This is why I did a onclick=<?php unlink... ?> Is this not valid? If not, what can I use as a server-side form processing code so that when the "confirm" button is clicked, it deletes the file from the server?

devinemke

the [man]unlink[/man] call has to happen somewhere in the file specified in your $editFormAction variable.

AndrewH

I'm just using the $editformaction that Dreamweaver spits out.

<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    

    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "UpdateRecord")) {
  $updateSQL = sprintf("UPDATE SGD_FT SET FileName=%s WHERE FileID=%s",
                       GetSQLValueString($_POST['FileName'], "text"),
                       GetSQLValueString($_POST['FileID'], "int"));

  mysql_select_db($database_SGD_Database, $SGD_Database);
  $Result1 = mysql_query($updateSQL, $SGD_Database) or die(mysql_error());

  $updateGoTo = "r3S.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

$colname_FileUpdate = "-1";
if (isset($_GET['FileID'])) {
  $colname_FileUpdate = (get_magic_quotes_gpc()) ? $_GET['FileID'] : addslashes($_GET['FileID']);
}
mysql_select_db($database_SGD_Database, $SGD_Database);
$query_FileUpdate = sprintf("SELECT * FROM SGD_FT WHERE FileID = %s", $colname_FileUpdate);
$FileUpdate = mysql_query($query_FileUpdate, $SGD_Database) or die(mysql_error());
$row_FileUpdate = mysql_fetch_assoc($FileUpdate);
$totalRows_FileUpdate = mysql_num_rows($FileUpdate);
?>

So, somewhere in there? If so, where?