What are the best practices for securely deleting files in PHP, especially when using user input?

When securely deleting files in PHP, especially when using user input, it is important to validate and sanitize the input to prevent any malicious file deletion. One common approach is to use the `unlink()` function along with proper input validation to ensure that only allowed files are deleted.

// Validate and sanitize user input
$filename = filter_var($_POST[&#039;filename&#039;], FILTER_SANITIZE_STRING);

// Define the directory where the files are stored
$directory = &#039;/path/to/files/&#039;;

// Check if the file exists in the specified directory
if (file_exists($directory . $filename)) {
    // Delete the file
    unlink($directory . $filename);
    echo &#039;File deleted successfully.&#039;;
} else {
    echo &#039;File not found.&#039;;
}

Keywords

file deletion PHP user input security vulnerabilities

What are the best practices for securely deleting files in PHP, especially when using user input?

Keywords

Related Questions