phpdirectorymoveunlink

PHP - Move a file into a different folder on the server


I need to allow users on my website to delete their images off the server after they have uploaded them if they no longer want them. I was previously using the unlink function in PHP but have since been told that this can be quite risky and a security issue. (Previous code below:)

if(unlink($path.'image1.jpg')){ 
     // deleted
}

Instead i now want to simply move the file into a different folder. This must be able to be done a long time after they have first uploaded the file so any time they log into their account. If i have the main folder which stores the users image(s):

user/

and then within that a folder called del which is the destination to put their unwanted images:

user/del/

Is there a command to move a file into a different folder? So that say:

user/image1.jpg

moves to/becomes

user/del/image1.jpg

Solution

  • The rename function does this

    docs rename

    rename('image1.jpg', 'del/image1.jpg');

    If you want to keep the existing file on the same place you should use copy

    docs copy

    copy('image1.jpg', 'del/image1.jpg');

    If you want to move an uploaded file use the move_uploaded_file, although this is almost the same as rename this function also checks that the given file is a file that was uploaded via the POST, this prevents for example that a local file is moved

    docs move_uploaded_file

    $uploads_dir = '/uploads';
    foreach ($_FILES["pictures"]["error"] as $key => $error) {
        if ($error == UPLOAD_ERR_OK) {
            $tmp_name = $_FILES["pictures"]["tmp_name"][$key];
            $name = $_FILES["pictures"]["name"][$key];
            move_uploaded_file($tmp_name, "$uploads_dir/$name");
        }
    }
    

    code snipet from docs