Home/ Questions/Q 940617
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T21:59:09+00:00

im new to php. I have a basic unlink php file which deletes a

  • 0

im new to php. I have a basic unlink php file which deletes a test.html. Using Apache httpserver 

<?php
$fh = fopen('test.html', 'a');
fwrite($fh, '<h1>Hello world!</h1>');
fclose($fh);

unlink('test.html');
?>

So now how do i set a authentication method so that only a person with the correct username/password can access this file?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you want the protection in PHP, you’ll need to place the unlink code inside a conditional block:

    if(ok_to_delete())
{
    # unlink code
}

    That function might look like this:

    function ok_to_delete()
{
    # hash of your password
    if('d0be2dc421be4fcd0172e5afceea3970e2f3d940' == sha1($_POST['delete_password']))
    {
        return true;
    }
    else
    {
        return false;
    }
}

    And the form:

    <form action="delete.php" method="post">
    <input type="password" name="delete_password" />
    <input type="submit" value="Delete Something" />
</form>

    Putting unlink() in a conditional block prevents it from being arbitrarily executed by some other means (run from command-line, included in another file, etc.).

    There are myriad ways to write the ok_to_delete() function, of course. If you’re curious you might poke around on Google, or check out an open source project.

    For a full-blown user auth system, there are a lot of concerns regarding security (using https, whether the form can be exploited, whether you can delete arbitrary files, whether passwords are secure, etc.).

    For something simple like deleting some cache files, the example code may suffice.

    Refs:

    • 0