0

这是我从我的 sql 数据库中提取信息的代码,然后我想删除每个目录中的 .txt 文件,但我似乎无法弄清楚为什么它不会删除这些文件。

<?php

session_start();
$user = $_SESSION['SESS_USERNAME'];

$id = array();
$id = $_POST['selected'];

//Include database connection details
require_once('config_order.php');

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
    die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if (!$db) {
    die("Unable to select database");
}

//Create query
$query = mysql_query("SELECT * FROM  `PropertyInfo` WHERE  `order_number` =  '$id[0]'");

// display query results

while ($row = mysql_fetch_array($query)) {
    $c_name = $row['clientname'];
    $sitestreet = $row['sitestreet'];              
    $inspector = $row['inspector'];
}
mysql_close($link);

$client_name = str_replace(" ", "_", $c_name);
$site_street = str_replace(" ", "_", $sitestreet);

$client_name = "{$client_name}.txt";
$site_street = "{$site_street}.txt";

$client_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Clients";
$inspection_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Inspections";

if (unlink($client_path . "/" . $client_name)) {
    echo 'File Deleted';
} else {
    echo 'File could not be deleted';
}
?>
4

3 回答 3

1

尝试一些额外的调试:

$realpath = $client_path . '/' . $client_name;

if (file_exists($realpath)) {
   if (is_writable($realpath)) {
       if (unlink($realpath)) {
            echo "$realpath deleted";
       } else {
            echo "Unable to delete $realpath";
       }
   } else {
      echo "$realpath is not writable";
   }
} else {
   echo "$realpath does not exist";
}
于 2011-08-30T20:46:28.250 回答
1

乍一看,这是一个问题, 如果 $_POST['selected']不是数组:

$id = array();
$id = $_POST['selected'];

...


$query = mysql_query("SELECT * FROM  `PropertyInfo` WHERE  `order_number` =  '$id[0]'");

您将实例$id化为一个空数组,然后用 覆盖它,字符串的第一个字符也是$_POST['selected']如此。$id[0]$id

例如,如果$_POST['selected']12345

"SELECT * FROM  `PropertyInfo` WHERE  `order_number` =  '$id[0]'"

相当于:

"SELECT * FROM  `PropertyInfo` WHERE  `order_number` =  '1'"

要么不要尝试使用索引访问它,要么$id[] = $_POST['selected'];将元素添加$id数组中。

不管这是否是一个数组,您需要在将输入插入查询之前对其进行清理,或者使用准备好的语句

于 2011-08-30T20:51:44.377 回答
1

我认为这是因为您的while循环正在覆盖$c_name,$sitestreet$inspector变量。这意味着您只会删除最后一个文件。

这是你想做的吗?(再次编辑...

$query = mysql_query("SELECT * FROM `PropertyInfo` WHERE `order_number` IN (".mysql_real_escape_string(implode(',',$id)).")");

while ($row = mysql_fetch_array($query)) {

  $inspector = $row['inspector'];
  $client_name = str_replace(" ", "_", $row['clientname']).'.txt';
  $site_street = str_replace(" ", "_", $row['sitestreet']).'.txt';

  $client_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Clients";
  $inspection_path = "/var/www/vhosts/default/htdocs/Members/$user/$inspector/Orders/Inspections";

  if (!file_exists($client_path.'/'.$client_name)) {
    echo "File $client_path/$client_name does not exist!\n";
  } else echo (unlink($client_path.'/'.$client_name)) ? "File $client_path/$client_name was deleted\n" : "File $client_path/$client_name could not be deleted\n";

}
mysql_close($link);
于 2011-08-30T20:56:26.293 回答