Hi all,
I have a script which in parts, deletes the data from a specified database. In that is the url to an image the user has uploaded to the server. All the information which needs to be deleted from the database gets deleted ok, but the file stored on the server doesn’t.
Please can somebody help me out with this?
Thanks in advance,
Steve
$query_Recordset1 = "SELECT Images FROM testimonials";
$img_dir = 'uploaded_images/';
$image_name = $row['Images'];
if ((isset($_GET['del'])) && ($_GET['del'] != "")) {
unlink($img_dir.$image_name);
$deleteSQL = sprintf("DELETE FROM testimonials WHERE Testimonial_Id=%s",
GetSQLValueString($_GET['del'], "int"));
mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($deleteSQL, $localhost) or die(mysql_error());
$deleteGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
FULL code is:-
<?php require_once('Connections/localhost.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$query_Recordset1 = "SELECT Images FROM testimonials";
$img_dir = 'uploaded_images/';
$image_name = $row['Images'];
if ((isset($_GET['del'])) && ($_GET['del'] != "")) {
unlink($img_dir.$image_name);
$deleteSQL = sprintf("DELETE FROM testimonials WHERE Testimonial_Id=%s",
GetSQLValueString($_GET['del'], "int"));
mysql_select_db($database_localhost, $localhost);
$Result1 = mysql_query($deleteSQL, $localhost) or die(mysql_error());
$deleteGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$maxRows_Recordset1 = 10;
$pageNum_Recordset1 = 0;
if (isset($_GET['pageNum_Recordset1'])) {
$pageNum_Recordset1 = $_GET['pageNum_Recordset1'];
}
$startRow_Recordset1 = $pageNum_Recordset1 * $maxRows_Recordset1;
mysql_select_db($database_localhost, $localhost);
$query_Recordset1 = "SELECT * FROM testimonials ORDER BY SortOrder ASC";
$query_limit_Recordset1 = sprintf("%s LIMIT %d, %d", $query_Recordset1, $startRow_Recordset1, $maxRows_Recordset1);
$Recordset1 = mysql_query($query_limit_Recordset1, $localhost) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
if (isset($_GET['totalRows_Recordset1'])) {
$totalRows_Recordset1 = $_GET['totalRows_Recordset1'];
} else {
$all_Recordset1 = mysql_query($query_Recordset1);
$totalRows_Recordset1 = mysql_num_rows($all_Recordset1);
}
$totalPages_Recordset1 = ceil($totalRows_Recordset1/$maxRows_Recordset1)-1;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Sub-Lime Renovations Admin Area - View Testimonials</title>
</head>
<body>
<div align="center">
<h1><strong>Sub-Lime Renovations Administration Area</strong></h1>
</div>
<p align="center"><a href="index.php">Admin Home</a> | <a href="add_testimonials.php">Add Testimonials</a></p>
<p> </p>
<p> </p>
<table border="1" align="center" cellpadding="1" cellspacing="1">
<tr>
<td>Customer Name</td>
<td>Town</td>
<td>Testimonial</td>
<td>Sort Order</td>
<td>Images</td>
</tr>
<?php do { ?>
<tr>
<td><?php echo $row_Recordset1['CustomerName']; ?></td>
<td><?php echo $row_Recordset1['Town']; ?></td>
<td><?php echo $row_Recordset1['Testimonial']; ?></td>
<td><?php echo $row_Recordset1['SortOrder']; ?></td>
<td><img width ="100" height="100" src="/AdministrationAreaSublime/<?php echo $row_Recordset1['Images']; ?>" alt="" /></td>
<td><a href="edit_testimonials.php?Testimonial_Id=<?php echo $row_Recordset1['Testimonial_Id']; ?>">Edit</a></td>
<td><input type="button" name="del" id="del" value="Delete" onClick="document.location.href='testimonials.php?del=<?php echo $row_Recordset1['Testimonial_Id']?>'" /></td></tr>
<?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?>
</table>
<p> </p>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>