Delete .php file, along with deleting the record in the database, getting the name of the .php file by a variable

-1

Hello everyone! I have a registration with id, title, date and event, in the database, so that when making a new registration, the person only fills the title and the date, and the field "event" is automatically filled with the " title "that the person wrote, plus" .php ".

Then a new page is created with the same title name and the .php extension, which is accessed in a calendar, so that the registered date becomes a link to such a new created page.

So I created a database listing of the database, with a delete button. However, I can not, by pressing this same button, delete the .php file for that id that will be deleted from the database.

The registry is listed in admin.php, where there is the delete button:

<!--EXCLUIR EVENTO-->
<?php

$resgatando_dados = $pdo->prepare("SELECT * FROM eventos ORDER BY data ASC");
$resgatando_dados->execute();
echo '
<table border="1" width="100%">
<tr id="cabecalhotabelalistar";>
<td>Id</td>
<td>Título</td>
<td>Data</td>
<td>Encontro</td>
<td>Excluir</td>
</tr>
';

foreach($resgatando_dados as $apresenta_dados):
echo ' 
<tr>
<td> '.addslashes(trim(strip_tags($apresenta_dados['id']))).'</td>
<td> '.addslashes(trim(strip_tags($apresenta_dados['titulo']))).'</td>
<td> '.addslashes(trim(strip_tags($apresenta_dados['data']))).'</td>
<td> '.addslashes(trim(strip_tags($apresenta_dados['encontro']))).'</td>
<td><a href="deletar_dados.php?id='.addslashes(trim(strip_tags($apresenta_dados['id']))).'">Excluir</a></td>
</tr>
';
endforeach;
echo '</table>';

?>

And the php file "deletar_dados" is this:

<?php
include 'conexao.php';
?>
<html>
<head>
<meta charset="UTF-8">
</head>

<body>

<?php

$id = strip_tags($_GET['id']);



$encontro = $_GET['encontro'];
unlink ('encontros/'.'$encontro');



$deletando_dados = $pdo->prepare("DELETE FROM eventos WHERE id = '$id'");
$deletando_dados->execute();



if($deletando_dados):
echo '<script>alert("Evento excluído")</script>';
//echo '<script>window.location="admin.php"</script>';

else:
echo '<script>alert("Não foi possível excluir o evento")</script>';
endif;
?>

</body>
</html>

* obs: the file to be deleted is in a folder inside the folder where the files are displayed here (hence the unlink ('encounters /'.'$ encounter');).

Considering that this is a problem that articulates several frequently asked questions, adding deleted files to another folder, with automatic deletion along with the bank's data, and whose name is obtained by means of a variable, I think the solution will be useful for many people.

    
asked by anonymous 18.01.2018 / 02:32

1 answer

1

The variable $_GET['encontro'] is of type null , so it is not finding the file and deleting it.

You need to add it as a URL parameter.

<td><a href="deletar_dados.php?id='.urlencode($apresenta_dados['id']).'&encontro='.urlencode($apresenta_dados['encontro']).'">Excluir</a></td>

However, the ideal is to do some validation before: check if you are allowed to do this; search the name of the file in the database instead of passing it as a parameter etc.

When you pass this information without validating, give margins for a person to remove any file from your server.

    
18.01.2018 / 03:27