I have admin panel where I show rows from database with ability to delete them.
Here is how I delete them delete.php
UPDATE
if (isset($_GET['id']) && is_numeric($_GET['id']))
{
$id = $_GET['id'];
$name = "SELECT name FROM images WHERE id=$id";
$name=mysql_fetch_assoc($name);
$name=$name['name'];
if ($stmt = $con->prepare("DELETE FROM images WHERE id = ? LIMIT 1"))
{
$stmt->bind_param("i",$id);
$stmt->execute();
unlink("../upload/" . $name);
$stmt->close();
}
else
{
echo "ERROR: could not prepare SQL statement.";
}
$con->close();
header("Location: images_delete.php");
}
else
{
header("Location: images_delete.php");
}
Then I must open 'Upload' form to delete the image which I deleted from mysql. How can I make when I delete that image from mysql also to delete from folder?
In mysql I store path and name of the image.
UPDATE: Here is final version of the file which is working-> delete file from folder and record in DB
if (isset($_GET['id']) && is_numeric($_GET['id']))
{
$id = $_GET['id'];
$name = "SELECT * FROM images WHERE id=$id" or die(mysqli_error($con));
$res = mysqli_query($con, $name);
$row = mysqli_fetch_assoc($res);
$name1 = $row['name'];
//print_r($name1);
if ($stmt = $con->prepare("DELETE FROM images WHERE id = ? LIMIT 1"))
{
$stmt->bind_param("i",$id);
$folder = 'C:\wamp\www\upload';
chown($folder,465);
//var_dump($name1);
unlink($_SERVER['DOCUMENT_ROOT'] . "/upload/$name1");
$stmt->execute();
$stmt->close();
}
else
{
echo "ERROR: could not prepare SQL statement.";
}
$con->close();
use unlink($your_image_path) to delete image
Related
I was doing a function which is checking 2 user have a direct message room or no if they dun have will be insert a new direct message room if they have will go to room they chat before
here is my code
<a href="directMessageRoom.php">
<button type="button" class="btn btn-directmessage">Message</button>
<?php
include '../config.php';
$target = $_GET['user'];
$id = $_SESSION['id'];
$targetusername = mysqli_query($connection,"SELECT username FROM user WHERE id='$target' ")or die(mysqli_error($connection));
$username= mysqli_query($connection,"SELECT username FROM user WHERE id='$id'") or die(mysqli_error($connection));
$dm_sql="SELECT * FROM direct_message_room WHERE user_1_id ='$id' AND user_2_id='$target'";
$check_direct_message_room = mysqli_query($connection, $dm_sql) or die(mysqli_error($connection));
$check= mysqli_num_rows($check_direct_message_room);
if($check == 0){
$direct_message_room_id = mysqli_insert_id($connection);
$direct_message_room_name ="INSERT INTO direct_message_room(`id`,`direct_message_room_name`,`user_1_id`,`user_2_id`) VALUES ('$direct_message_room_id ','test1','$id','$target')";
$newDirectMessageRoom = mysqli_query($connection,$direct_message_room_name)or die(mysqli_error($connection));
}
else{
while($row3 = mysqli_fetch_array($check_direct_message_room)){
echo '<a href="directMessageRoom.php?directMessageRoomID='.$rowr3['id'].'></a>';
}
}
?>
</a>
how i let this all happen when i click the a tag go into the page?
I have update the code
Additional question how i pass the new id to my a tag?
is this correct? 'CONCAT('$username','$targetusername')'
i have error in line 47
echo '<a href="directMessageRoom.php?directMessageRoomID='.$rowr3['id'].'></a>';
the error is Notice: Undefined variable: rowr3 in E:\Software\Xampp\htdocs\pme\main\user.php on line 47
Several issues:
You should use prepared queries to prevent SQL injection.
You need to fetch the results from the first two queries.
You need to call mysqli_insert_id() after you do the INSERT, since it returns the ID assigned to the last row that was inserted.
Message
$target = $_GET['user'];
$id = $_SESSION['id'];
$target_stmt = mysqli_prepare($connection,"SELECT username FROM user WHERE id=?")or die(mysqli_error($connection));
mysqli_stmt_bind_param($target_stmt, "i", $target);
mysqli_execute($target_stmt);
mysqli_stmt_bind_result($target_stmt, $targetusername);
mysqli_stmt_fetch($target_stmt);
$username_stmt= mysqli_prepare($connection,"SELECT username FROM user WHERE id=?") or die(mysqli_error($connection));
mysqli_stmt_bind_param($username_stmt, "i", $id);
mysqli_stmt_execute($username_stmt);
mysqli_stmt_bind_result($username_stmt, $username);
mysqli_stmt_fetch($username_stmt);
$dm_stmt=mysqli_prepare("SELECT id FROM direct_message_room WHERE user_1_id = ? AND user_2_id= ?") or die(mysqli_error($connection));
mysqli_stmt_bind_param($dm_stmt, "ii", $id, $target);
mysql_stmt_execute($dm_stmt);
mysql_stmt_store_result($dm_stmt);
$check= mysqli_stmt_num_rows($dm_stmt);
if($check == 0){
$insert_stmt = mysqli_prepare("INSERT INTO direct_message_room(`direct_message_room_name`,`user_1_id`,`user_2_id`) VALUES (?, ?, ?)") or die(mysqli_error($connection));
$room_name = $username . $targetusername;
mysqli_stmt_bind_param($insert_stmt, "sii", $room_name, $id, $target);
mysqli_stmt_execute($insert_stmt);
$direct_message_room_id = mysqli_insert_id($connection);
echo '<a href="directMessageRoom.php?directMessageRoomID='.$direct_message_room_id.'></a>';
}
else{
mysqli_stmt_bind_result($dm_stmt, $room_id);
while($row3 = mysqli_stmt_fetch($dm_stmt)){
echo '<a href="directMessageRoom.php?directMessageRoomID='.$room_id.'></a>';
}
}
?>
I'm trying to make a loop which checks if an image with filename from database exists, if not to unlink all images because I have many duplicates in folder but folder is 50gb. I can't check each one.
So here's what I've tried
$id = $_GET['id'];
$sql = "SELECT thumbnail FROM files WHERE id='$id'";
$query = $mysqli->query($sql);
$row = $query->fetch_assoc();
$thumb = $row['thumbnail'];
$records = "../upload/images/";
foreach ($records as $record) {
if (file_exists('../upload/images/'.$thumb)) {}
else {
#unlink('../upload/images/'.$thumb);
}
}
Update
$sql = "SELECT thumbnail FROM filesWHERE id='$id'";
$query = $mysqli->query($sql);
$row = $query->fetchAll();
foreach($sql as $search_result) {
if(file_exists($search_result['thumbnail'])) {
$img_source = ('../upload/images/'.$search_result['thumbnail']);
} else {
#unlink('../upload/images/'.$search_result);
}
}
That's the logic I've understood. Checking if there are files in the folder that aren't present in database, and if so, delete it.
$directory = "../upload/images/";
$images = glob($directory . "*.jpg");
foreach($images as $image)
{
$sql = "SELECT thumbnail FROM files WHERE thumbnail =?";
$stmt = $mysqli->prepare($sql);
if($stmt) {
$stmt->bind_param('s', $image);
$stmt->bind_result($result);
$stmt->execute();
$stmt->fetch();
if(!$result) {
if(unlink($image)) {
echo "Image deleted $image <br>\n";
}
}
} else {
echo "Unable to prepare SQL";
}
}
in mysql Datbase there is images stored using php Script (image got from a form.html/POST method) let's cal them (phpImages). and there is others stored using android application ( by converting Bitmap to String and using StringBuilder ). let's call them (androidImages).
with this php script i can load and display phpImages, but i cannot display androidImages.
<?php
$con = mysqli_connect("localhost","root","","othmane") or die(mysqli_error($con));
if($_SERVER['REQUEST_METHOD']=='GET'){
$id = $_GET['id'];
$sql = "SELECT image FROM images WHERE id = '$id'";
$r = mysqli_query($con,$sql) or die(mysqli_error($con));;
$result=mysqli_fetch_array($r);
header('Content-Type:image/jpeg');
echo ( $result['image']);
mysqli_close($con);
}
?>
with this php script i can load androidImages, but i cannot load phpImages :
<?php
$con = mysqli_connect("localhost","root","","othmane") or die(mysqli_error($con));
if($_SERVER['REQUEST_METHOD']=='GET'){
$id = $_GET['id'];
$sql = "SELECT image FROM images WHERE id = '$id'";
$r = mysqli_query($con,$sql) or die(mysqli_error($con));;
$result=mysqli_fetch_array($r);
header('Content-Type:image/jpeg');
echo base64_decode( $result['image'] );
mysqli_close($con);
}
?>
i wan't a php script that could display the both. because i want to load all images in a ListView of an android Apps.
**This is php script relied to android Application : **
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
$image = $_POST['image'];
$con=mysqli_connect("localhost","root","","othmane")or die(mysqli_error($con));
$sql = "INSERT INTO images (image,image_type) VALUES (?,'android')";
$stmt = mysqli_prepare($con,$sql);
mysqli_stmt_bind_param($stmt,"s",$image);
mysqli_stmt_execute($stmt);
$check = mysqli_stmt_affected_rows($stmt);
if($check == 1){
echo "Image Uploaded Successfully";
}else{
echo "Error Uploading Image";
}
mysqli_close($con);
}else{
echo "Error";
}
?>
this is php Script relied with Form.html post method :
<?php
echo ini_get( 'file_uploads' );
if(!isset($_POST['submit'])){
echo '<p>Please Select Image to Upload</p>';
}
else
{
try {
upload();
}
catch(Exception $e)
{
echo '<h4>'.$e->getMessage().'</h4>';
}
}
function upload(){
$imgfp = fopen($_FILES['photo']['tmp_name'], 'rb');
print_r($_FILES);
$dbh = new PDO("mysql:host=localhost;dbname=othmane", 'root', '');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $dbh->prepare("INSERT INTO images (image,image_type) VALUES (?,'php')");
$stmt->bindParam(1, $imgfp, PDO::PARAM_LOB);
$stmt->execute();
}
?>
Add a column called image_type in your table and pass one of the following values to determine what the source of the image is upon uploading: phpImage or androidImage
So you can do:
<?php
$con = mysqli_connect("localhost","root","","othmane") or die(mysqli_error($con));
if ($_SERVER['REQUEST_METHOD'] == 'GET'){
$id = $_GET['id'];
$sql = "SELECT image, image_type FROM images WHERE id = '$id'";
$r = mysqli_query($con,$sql) or die(mysqli_error($con));
$result = mysqli_fetch_array($r);
header('Content-Type: image/jpeg');
if ($result['image_type'] == 'phpImage') {
echo ( $result['image']);
} else if ($result['image_type'] == 'androidImage') {
echo base64_decode( $result['image'] );
}
mysqli_close($con);
}
?>
I'm trying to make it so when i click a "x" it will delete the entire row.
I've linked each record to my jobRef however the delete isn't working.
This is what i've got so far;
<?php
$status = 'available';
$stmt = $pdo->query('SELECT * FROM jobs WHERE jobStatus = "' . $status . '"');
$results = $stmt->fetchAll();
echo "<table><tr><td>Job Reference</td><td>Description</td>";
foreach ($results as $row) {
echo "<tr><td>".$row['jobRef']."</td>","<td>".$row['jobDescription']."</td>";
echo "<td><a href='edit.php?id=".$row['jobRef']."'>Edit</a></td>";
?>
Heres my delete.php
<?php
require 'mysqlcon.php';
?>
<?php
if(isset($_GET['id']))
{
$id=$_GET['id'];
$query1= ("DELETE FROM person WHERE id='$id'");
if($query1)
{
header('location:Vacancies.php');
}
}
?>
You simply write your query , Forget to execute it.
$query1= ("DELETE FROM person WHERE id='$id'");
You need to execute it
$pdo->query("DELETE FROM person WHERE id='$id'");
Or better to use bind statement
$sth =$pdo->prepare('DELETE FROM person WHERE id=:id');
$sth->bindValue(':id', $id, PDO::PARAM_INT);
$sth->execute();
$count = $sth->rowCount();
if($count>0)
{
header('location:Vacancies.php');
}else{
echo "Error in delete";
}
I want to get the database picture path so that i can used it and store the same file-name path in the image folder so both can be matched up. Actually i am using a unique-id so that pictures have unique names but don't know how to use it rightly. Any help would be appreciated.
$insert = "UPDATE USER_LOGIN SET PICTURE = '".uniqid().$_FILES['file']['name']."' WHERE USERNAME = '".$_COOKIE['username']."'";
$result = oci_parse($con, $insert);
// Executes a statement.
$check = oci_execute($result);
$UploadDirectory = '/wamp/www/img/Users/Users/'.$row['PICTURE'];
Working Solution:
if($row)
{
$Filename = uniqid().$_FILES['file']['name'];
$DirectoryPath = '/wamp/www/img/Users/Users/'.$Filename;
if(move_uploaded_file($_FILES['file']['tmp_name'], $DirectoryPath))
{
$insert = "UPDATE USER_LOGIN SET PICTURE = '".$Filename."' WHERE USERNAME = '".$_COOKIE['username']."'";
$result = oci_parse($con, $insert);
// Executes a statement.
$check = oci_execute($result);
if($check)
{
echo "Saved";
// Commit the changes to the table.
oci_commit($con);
}
else
{
// Rollback changes to table.
oci_rollback($con);
}
}
else
{
//die('error uploading File!');
}
}