NYCPHP Meetup

[nycphp-talk] Bullet proofing "rmdir" command

Jeff jsiegel1 at optonline.net
Tue Aug 12 09:26:55 EDT 2003


I have a specific subdirectory on my site where users can upload images
files associated with some text stored in a database. The question
concerns deleting those uploaded images. Deleting the record is the easy
part...even deleting the images and subdirectory is easy. However, my
concern is what precautions should I take to make sure that the wrong
subdir (or the whole site!!) doesn't get blown away. In the code below
I'm using file_exists to delete the images and subdir but is there
anything else that I should do to bullet proof the procedure? 

//Note: $sSubDir is the subdirectory path stored in the corresponding
MySQL record.

//Delete images
for($i=0;$i<5;$i++){
		$sImageName = $sSubDir . "image$i.jpg";
		if(file_exists($sImageName)){		
			unlink($sImageName);
		}	
	}
//Delete subdir
if(file_exists($sSubDir)){
	rmdir($sSubDir);
}

Jeff




More information about the talk mailing list