
"unlink" does not work on local Wordpress instance?


I'm trying to modify a plugin so that image files from a directory can be deleted with an html link. My code spits out a table containing an image thumbnail, a link to the image, and a link to delete the file:

<?php
   // Directory holding the slider images
   $dirname = "../wp-content/themes/teenclub/images/slider/";
   $images = scandir($dirname);
   $ignore = array(".", "..", ".DS_Store");

   // One table row per image: thumbnail, link to the file, delete link
   foreach($images as $curimg){
       if(!in_array($curimg, $ignore)) {
       echo "<tr><td><img width='200' src='$dirname$curimg'/></td><td><a href='$dirname$curimg'>$curimg</a></td><td><a href='../wp-content/plugins/wp-easy-uploader/delete.php?file=$curimg'>Delete</a></td></tr>";
       }
   }
?>

delete.php:

<?php
$dir = '/Users/edmcmanwich/Desktop/TEMP/dev.teenclub.com';
$file = $dir.'/'.$_GET["file"];

if(is_writable($file)) {
  unlink($file);
} else {
  echo 'you dont have perms dude';
}
?>

I get the message saying I don't have permission, but I've chmodded all the files to 777. In addition, MAMP's php_error.log gives me this:

[01-Feb-2012 21:10:13] PHP Warning:  unlink(../wp-content/themes/teenclub/images/slider/kids.png) [<a href='function.unlink'>function.unlink</a>]: No such file or directory in /Users/edmcmanwich/Desktop/TEMP/dev.teenclub.com/wp-content/plugins/wp-easy-uploader/delete.php on line 4

The directory and file name are correct so I just don't understand what the problem is...


Solution

  • You must have the directories wrong.

    unlink shows a file location of ../wp-content/themes/teenclub/images/slider/kids.png yet your directory is set as /Users/edmcmanwich/Desktop/TEMP/dev.teenclub.com. So, your full path should be /Users/edmcmanwich/Desktop/TEMP/dev.teenclub.com/../wp-content/themes/teenclub/images/slider/kids.png (or /Users/edmcmanwich/Desktop/TEMP/dev.teenclub.com/kids.png according to your source), which isn't the case according to your error message.

    Run echo getcwd(); to see what directory your delete script is running at; you should see that the file path is incorrect. Or the file was already deleted and therefore does not exist.

    Also, this is horribly insecure, as anybody can pass anything they want to $_GET['file'] and potentially delete the file. For example, if you screwed with the permissions on /etc/passwd, somebody could delete it with ../../../../../../../../../../../../etc/passwd.
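
One way to keep a delete handler like the one above confined to a single directory, shown as an added example that is not part of the original answer. The function name `delete_slider_image`, its status strings and the temp-directory demo are assumptions made for illustration.

```php
<?php
// Added example; function name and status strings are hypothetical.
// Deletes $requestedName only if it is a regular file directly inside $baseDir.
function delete_slider_image(string $baseDir, string $requestedName): string
{
    $base = realpath($baseDir);
    if ($base === false || !is_dir($base)) {
        return 'bad-base-dir';
    }

    // Keep only the final path component: "../../x/passwd" becomes "passwd".
    $name = basename($requestedName);
    if ($name === '' || $name === '.' || $name === '..' || strpos($name, "\0") !== false) {
        return 'bad-name';
    }

    // realpath() resolves symlinks and "..", so compare the resolved parent.
    $target = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($target === false) {
        return 'not-found';
    }
    if (dirname($target) !== $base || !is_file($target)) {
        return 'rejected';
    }

    return unlink($target) ? 'deleted' : 'unlink-failed';
}

// Constructed demo in a throwaway temp directory (not the asker's paths).
$root = sys_get_temp_dir() . '/slider-demo-' . bin2hex(random_bytes(4));
mkdir("$root/slider", 0700, true);
file_put_contents("$root/slider/kids.png", 'x');
file_put_contents("$root/secret.txt", 'x');
symlink("$root/secret.txt", "$root/slider/link.png"); // symlink pointing outside the directory

foreach (['kids.png', '../secret.txt', 'link.png', 'kids.png'] as $input) {
    printf("%-16s => %s\n", $input, delete_slider_image("$root/slider", $input));
}
printf("secret.txt still exists: %s\n", file_exists("$root/secret.txt") ? 'yes' : 'no');
```

Path confinement does not decide who may delete. In a WordPress plugin the handler would additionally need a capability check and a nonce, for example `current_user_can()` and `check_admin_referer()`.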