|
 |
| |
พี่ๆช่วยดูให้หน่อยนะครับคือว่าผมต้องการลบไฟล์ทีอัพโหลดออกด้วยนะครับ |
| |
 |
|
|
 |
 |
|
ไฟล์พวก .doc นะครับผมเก็บไว้ในโฟล์เด้อชื่อเก็บไว้ในsqlฐานข้อมูล
ฐานข้อมูลลบแต่ไฟล์ไม่ลบนะครับดูให้หน่อยนะครับ
Code (PHP)
<?php
session_start();
include("../../Includes/PortalConection.php");
include("../../Includes/Database.php");
$strRootpath= "../../";
include_once ("../../Includes/validsession.php");
if (!isset($_GET['action']))
{
$strAction="";
}
else
{
$strAction =QuerySafeString($_GET["action"]);
}
$conclass =new DataBase();
$strErrorMessages="";
if ($strAction=="DEL")
{
$strID= QuerySafeString($_GET["ID"]);
if (!isset($_GET['View']))
{
$strView="Active";
}
else
{
$strView= QuerySafeString($_GET["View"]);
}
if (($strID!="") && ($strID!="0"))
{
$strsql="DELETE FROM news_t_newsdetails ";
$strsql.= " WHERE id=" .SQLSafeString($strID);
$var1=$conclass->Execute ($strsql,$strErrorMessages);
if ($strErrorMessages!="")
{
$strErrorMessages = "Could not delete the news information. " .$strErrorMessages;
}
}
}
else
{
$strID= QuerySafeString(strtoupper($_REQUEST["txtID"]));
$strTitle= QuerySafeString($_REQUEST["txtTitle"]);
$strNewsDescription= NewLineinHTML(QuerySafeString($_REQUEST["txtNews"]));
$strNewsDate=QuerySafeString($_REQUEST["txtNewsDate"]);
$strExpireDate=QuerySafeString($_REQUEST["txtExpireDate"]);
$strActive=QuerySafeString($_REQUEST["txtActive"]);
$strView= QuerySafeString($_REQUEST["txtView"]);
if ($strActive=="")
{
$strActive="N";
}
if (($strID !="") && ($strID!="0"))
{
$strsql="UPDATE news_t_newsdetails SET title='" . SQLSafeString($strTitle) ;
$strsql.= "',newsdescription ='" . SQLSafeString($strNewsDescription) ;
$strsql.= "',newsdate ='" . DateFormatMysql($strNewsDate) ;
$strsql.= "',expirydate ='" . DateFormatMysql($strExpireDate) ;
$strsql.= "',active='" . SQLSafeString($strActive);
$strsql.= "' WHERE id=" . SQLSafeString($strID);
$var1=$conclass->Execute ($strsql,$strErrorMessages);
if ($strErrorMessages!="")
{
$strErrorMessages = "Could not update the news information. " . $strErrorMessages;
}
}
else
{
$strsql= "INSERT INTO news_t_newsdetails(title,newsdescription,newsdate,expirydate,active";
$strTemp= " VALUES('" . SQLSafeString($strTitle) . "','" . SQLSafeString($strNewsDescription) . "','" ;
$strTemp.= DateFormatMysql($strNewsDate) . "','" . DateFormatMysql($strExpireDate) . "','" ;
$strTemp.= SQLSafeString($strActive) . "'";
$strsql.= ") " . $strTemp . ")";
$var1=$conclass->Execute ($strsql,$strErrorMessages);
if ($strErrorMessages!="")
{ $strErrorMessages = "Could not add the news. <BR>" . $strErrorMessages;}
}
}
if ($strErrorMessages=="")
{
Redirect("List.php?View=" . $strView);
}
print "<HTML><HEAD>";
include ("../../Includes/Styles.php");
print "</HEAD><BODY>";
print "<TABLE border=0>";
print "<TR><TD WIDTH=15% VALIGN=TOP>";
include_once ("../../menulist.php");
print "</TD><TD>";
print $strErrorMessages;
?>
<P> </P>
<A HREF="List.php?View=<?php print $strView;?>"> Back to List</A>
<?php
print "</TD></TR>";
print "</TABLE>";
?>
</BODY>
</HTML>
Tag : - - - -
|
|
|
 |
 |
 |
 |
| Date :
2009-10-09 13:14:34 |
By :
somsak84 |
View :
721 |
Reply :
2 |
|
 |
 |
 |
 |
|
|
|
|
 |
 |
|
 |
 |
| |
|
|
|
| |
|
Code (PHP)
if (($strID!="") && ($strID!="0"))
{
$strsql="DELETE FROM news_t_newsdetails ";
$strsql.= " WHERE id=" .SQLSafeString($strID);
$var1=$conclass->Execute ($strsql,$strErrorMessages);
if ($strErrorMessages!="")
{
$strErrorMessages = "Could not delete the news information. " .$strErrorMessages;
}else
unlink("direct_path/file_name"); // คำสั่งลบไฟล์
}
}
|
| |
|
|
| |
| Date :
2009-10-09 13:31:17 |
By :
xbeginner01 |
|
|
| |
|
|
|
|
|
| |
|
|
|
| |
|
|
|
| |
|
ลองดูแล้วครับมันลบได้แต่ใน sql ครับ แต่ไฟล์ยังคงอยู่
พี่ครับลองดูอีก โค๊ดDatabase.php
Code (PHP)
<?php
function Redirect($pstrPath_file)
{
header("Location: ".$pstrPath_file);
}
function killChars($strWords)
{
$badChars = array("select", "drop", ";", "--", "insert", "delete","Update");
$newChars = array("", "", "", "", "", "", "");
$strWords = str_replace($badChars, $newChars, $strWords);
return $strWords;
}
function NewLineinHTML($pstrString)
{
$badChars = array("\n");
$newChars = array("<BR>");
$pstrString = str_replace($badChars, $newChars, $pstrString);
return $pstrString;
}
function NewLinefromHTML($pstrString)
{
$badChars = array("<BR>");
$newChars = array("\n");
$pstrString = str_replace($badChars, $newChars, $pstrString);
return $pstrString;
}
function SQLSafeString($pstrString)
{
$badChars = array("'","\'");
$newChars = array("''","''");
$pstrString = str_replace($badChars, $newChars, $pstrString);
return $pstrString;
}
function JSSafeString($pstrString)
{
$badChars = array("'");
$newChars = array("\'");
$pstrString = str_replace($badChars, $newChars, $pstrString);
return $pstrString;
}
function QuerySafeString($pstrString)
{
$badChars = array("\'");
$newChars = array("'");
$pstrString = str_replace($badChars, $newChars, $pstrString);
$pstrString=killChars($pstrString);
return $pstrString;
}
class Database
{
function Database()
{
/* Connecting, selecting database */
$link = mysql_connect(HOSTM, dbUser, dbPassword)
or die("Could not connect : " . mysql_error());
//print "Connected successfully";
mysql_select_db(dbToUse) or die("Could not select database");
}
function Execute($strSQL,$strErrorMessages)
{
$result = mysql_query($strSQL) or die("Query failed : " . mysql_error());
return $result;
}
}
function ComboBoxOptionList($pstrSQL,$pstrSelectedValue)
{
$datab = new Database();
$rst= $datab->Execute ($strsql,$strTempResults);
$strTemp = "";
if ($strTempResults =="")
{
while ($line = mysql_fetch_array($rst, MYSQL_ASSOC))
{
$strTemp=$line['CODE'];
$strTemp1=$line['VALUE'];
if ($pstrSelectedValue==$strTemp)
{
$strTempResults .= "<OPTION SELECTED VALUE='".$strTemp . "'>". $strTemp1 . "</OPTION>";
}
else
{
$strTempResults .= "<OPTION VALUE='".$strTemp."'>".$strTemp1."</OPTION>";
}
}
}
else
{
$strTempResults = "<OPTION VALUE=''>" . $strTempResults . "</OPTION>";
}
return $strTempResults;
}
function TableBodyList($pstrSQL,$pstrHeaderRowParameters,
$pstrHeaderColumnParameters,
$pstrDataRowParameters,
$pstrDataColumnParameters,
$intFieldCount)
{
$strTemp="";
$datab = new Database;
$result=$datab->Execute($pstrSQL,$strTemp);
if ($strTemp!="")
{
$strTemp="<TR ".$pstrDataRowParameters."><TD ".$pstrDataColumnParameters.">".$strTemp + "</TD></TR>";
}
else
{
$strTemp="";$iCount=0;
$strTemp="<TR ".$pstrHeaderRowParameters . ">";
for ($i = 0;$i<$intFieldCount;$i++)
{
$strTemp.= "<TH " .$pstrHeaderColumnParameters .">" . mysql_field_name($result, $i)."</TH>";
}
if ($_SESSION["Admin"] =="Y") {
$strTemp.= "<TH " .$pstrHeaderColumnParameters.">Delete</TH>";
}
$strTemp.= "</TR>";
//$strTemp=+ "<table>\n";
while ($line = mysql_fetch_array($result, MYSQL_ASSOC))
{
//$strTemp=+ "\t<tr>\n";
$strTemp.= "\t<TR ".$pstrDataRowParameters .">\n";
$iCount=0;$strKey="";
foreach ($line as $col_name)
{
if ($iCount==0)
{
$strKey=$col_name;
$strTemp.="<TD ".$pstrDataColumnParameters ."><A HREF =\"javaScript:ModifyData('". $strKey ."')\" >" ;
$strTemp.= $strKey ."</A></TD>";
$iCount=1;
}
else
{
$strTemp.= "\t\t<TD " .$pstrDataColumnParameters. ">". $col_name. "</TD>\n";
//$strTemp=+ "\t\t<td>$col_name</td>\n";
}
}
if ($_SESSION["Admin"] =="Y") {
$strTemp.= "<TD " .$pstrDataColumnParameters . "><A HREF =\"javaScript:DeleteData('" . $strKey . "')\">Delete</TD>";
}
$strTemp.= "\t</tr>\n";
}
//$strTemp.= "</table>\n";
}
return $strTemp;
}
function TableMenuList($pstrSQL,$pstrHeaderRowParameters, $pstrHeaderColumnParameters,$pstrDataRowParameters, $pstrDataColumnParameters,$intFieldCount)
{
$datab = new Database();
$strTemp="";
$rst= $datab->Execute ($pstrSQL,$strTemp);
if ($strTemp!="")
{
$strTemp="<TR ".$pstrDataRowParameters . "><TD " .$pstrDataColumnParameters . ">" . $strTemp . "</TD></TR>";
return $strTemp;
}
else
{
$strTemp="";
//$strTemp="";
while ($line = mysql_fetch_array($rst, MYSQL_ASSOC))
{
$strTemp2=$line['News'];
$strTemp1=$line['ID'];
$strTemp3=$line['Date'];
$strTemp4=$line['pathfile'];
$strTemp.= "<TR ".$pstrDataRowParameters.">";
$strTemp.="<TD ".$pstrDataColumnParameters."><A HREF =\"Admin/News/filedata/".$strTemp4."\" >".$strTemp2."</A></TD>";
$strTemp.="<TD ".$pstrDataColumnParameters.">" .$strTemp3. "</TD>";
$strTemp.= "</TR>";
}
}
return $strTemp;
}
function getTitleBody($pstrHTML)
{
$strTemp=strtoupper($pstrHTML);
$pstrTitle="";
$intFirst= strpos($strTemp , "<TITLE>");
$intLast= strpos($strTemp, "</TITLE>");
if ($intFirst !== FALSE)
{
if ($intLast!==FALSE)
{
if ($intLast>$intFirst)
{
$intFirst=$intFirst+7;
$pstrTitle= substr($pstrHTML,$intFirst,$intLast-$intFirst);
}
}
}
$pstrBody="";
$pstrNoBODY="";
$pstrHead="";
$intFirst= strpos($strTemp, "<BODY");
$intLast= strpos($strTemp, "</BODY>");
if ($intFirst!==FALSE)
{
if ($intLast !== FALSE)
{
if ($intLast > $intFirst)
{
$intFirst1= strpos(substr($strTemp,$intFirst),">")+$intFirst+1;
$pstrHead=substr($pstrHTML, 0,$intFirst1);
$intFirst=$intFirst1;
$pstrBody= substr($pstrHTML,$intFirst,$intLast-$intFirst);
$pstrNoBODY=substr($pstrHTML,$intLast);
//print $pstrNoBODY;
}
}
}
$arr = array("TITLE" =>"","BODY" =>"","NOBODY" =>"","HEAD" =>"");
$arr["TITLE"]=$pstrTitle;
$arr["BODY"]=$pstrBody;
$arr["NOBODY"]=$pstrNoBODY;
$arr["HEAD"]=$pstrHead;
//$arr["TITLE","BODY","NOBODY","HEAD"];
return $arr;
}
function FormatingOriginalHTML($pstrHTML)
{
$pstrHTML =str_replace('/\\/\\/\\','"',$pstrHTML);
$pstrHTML =str_replace('>','>',$pstrHTML);
$pstrHTML =str_replace('<','<',$pstrHTML);
return $pstrHTML;
}
function SaveFile($filename,$somecontent,$opentype)
{
if ($opentype=="N")
{
$strOpen="w+";
}
elseif ($opentype=="E")
{
$strOpen="w+";
}
else
{
return "Specified open type is wrong";
}
// Let's make sure the file exists and is writable first.
if (is_writable($filename) || ($opentype=="N")) {
// In our example we're opening $filename in append mode.
// The file pointer is at the bottom of the file hence
// that's where $somecontent will go when we fwrite() it.
if (!$handle = fopen($filename, $strOpen)) {
return "Cannot open file ($filename)";
}
// Write $somecontent to our opened file.
if (fwrite($handle, stripslashes($somecontent)) === FALSE) {
return "Cannot write to file ($filename)";
}
fclose($handle);
}
else
{
return "The file $filename is not writable";
}
}
function DateFormatMysql($pstrDate)
{//return $pstrDate;
$intPos=strpos($pstrDate,'-');
if ($intPos === false) {
$intPos=strpos($pstrDate,'/');
if ($intPos === false) {
$strMonth="";
$strDay="";
$strYear="";
return "";
} else {
$strMonth=substr($pstrDate,0,$intPos);
$intPos1=strpos($pstrDate,'/',$intPos+1);
$strDay=substr($pstrDate,$intPos+1,$intPos1-($intPos+1));
$strYear=substr($pstrDate,$intPos1+1) ;
}
} else {
$strMonth=substr($pstrDate,1,$intPos);
$intPos1=strpos($pstrDate,'-',$intPos);
$strDay=substr($pstrDate,$intPos+1,$intPos1-($intPos+1));
$strYear=substr($pstrDate,$intPos1+1) ;
}
return $strYear.'-'.$strMonth.'-'.$strDay;
}
?>
|
| |
|
|
| |
| Date :
2009-10-09 17:02:52 |
By :
somsak84 |
|
|
| |
|
|
|
|
|
| |
|
|
|
|
|
| |
|
 Load balance : Server 04
|
