Home/ Questions/Q 8911875
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T04:03:22+00:00

The below code allows me to delete files SOMETIMES. I have checked permissions on

  • 0

The below code allows me to delete files SOMETIMES. I have checked permissions on the files and folders and they exist and are given proper access. Sometimes when I press the remove button; it removes the file and sometimes it simply refreshes the page and nothing happens. Is there anything I can do to make unlink work correctly? Am I missing something in the code below? This is in ZEND.

public function delimageAction()
{
    $request = $this->getRequest();

    if ($request->isPost()) {
        // Get the image name
        $imageName = $request->getParam('file');

        $old = getcwd();
        chdir(APPLICATION_PATH . "/../public/images/blog/"); // Change directory to the files
        fclose(APPLICATION_PATH . "/../public/images/blog/" . $imageName);

        // Delete it
        unlink(APPLICATION_PATH . "/../public/images/blog/" . $imageName)

        chdir($old); // Return to old directory
    }
    $this->_helper->redirector('blog', 'index');
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Remove the two chdir calls since they serve no purpose, and the fclose which will result in an error. Beyond that you need to check the error log to see what is causing the deletion to fail, it could be permissions related. You could also check the return value for unlink, since it should return false if it doesn’t work.

    As hinted in the comments, there is quite a big security hole in your script as it allows a malicious user to delete any file in your application. You need to sanitise the ‘file’ param to ensure the path supplied is within the public/images/blog/ folder.

    • 0