I need to allow users on my website to delete their images off the server after they have uploaded them if they no longer want them. I was previously using the unlink function in PHP but have since been told that this can be quite risky and a security issue. (Previous code below:)
if(unlink($path.'image1.jpg')){
// deleted
}
Instead i now want to simply move the file into a different folder. This must be able to be done a long time after they have first uploaded the file so any time they log into their account. If i have the main folder which stores the users image(s):
user/
and then within that a folder called del which is the destination to put their unwanted images:
user/del/
Is there a command to move a file into a different folder? So that say:
user/image1.jpg
moves to/becomes
user/del/image1.jpg
The rename function does this
rename('image1.jpg', 'del/image1.jpg');
If you want to keep the existing file on the same place you should use copy
copy('image1.jpg', 'del/image1.jpg');
If you want to move an uploaded file use the move_uploaded_file, although this is almost the same as rename this function also checks that the given file is a file that was uploaded via the POST, this prevents for example that a local file is moved
$uploads_dir = '/uploads';
foreach ($_FILES["pictures"]["error"] as $key => $error) {
if ($error == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["pictures"]["tmp_name"][$key];
$name = $_FILES["pictures"]["name"][$key];
move_uploaded_file($tmp_name, "$uploads_dir/$name");
}
}
code snipet from docs