How to remove image from folder at update phpMysql?

Question

Update query from the database:

<?php
    include 'dpconnection.php';

    $uid=$_REQUEST['upid'];
    if (isset($_POST['update'])) {

    $category= $_POST['category'];
    $pname= $_POST['pname'];
    $parea= $_POST['parea'];
    $pPrices= $_POST['pPrices'];
    $pAddress= $_POST['pAddress'];

                $filename = $_FILES['new_image']['name'] ;
                $tempname = $_FILES['new_image']['tmp_name'] ; 
                $filesize = $_FILES['new_image']['size'] ;
                $fileextension = explode('.', $filename) ;
                $fileextension = strtolower(end($fileextension));

                $newfilename = uniqid().'images'.'.'.$fileextension ;
                $path = "media/".$newfilename ;
                $sql = mysqli_query($conn,"UPDATE product SET c_id='$category', p_name='$pname', p_area='$parea', p_prices='$pPrices',p_address='$pAddress', p_thumb_image='$path' WHERE p_id='$uid'");

                if (move_uploaded_file($tempname, $path) && $sql)  {
                    echo "<script>alert('Record Updated successfully');</script>";
                    echo "<script>location.href = 'adminViewProduct.php';</script>";
                } else {
                    echo "Error updating record: " . $conn->error;
                }
}
?>

Image not deleting from folder, i have two if statement but just one else statement so it looks like i am missing something but i really don't know what i am missing.

This is form:

<div class="form-group">
<label>Address</label>
<input class="form-control" type="text" name="pAddress" value="<?php echo $row1['p_address'];?>">
</div>

<div class="form-group">
<label>Thumb Image</label>
<input type="file" name="new_image" class="form-control">
<input  class="form-control" type="hidden" name="pimage" value="<?php echo $row1['p_thumb_image'];?>">
                            
<img class="float-left" src="<?php echo $row1['p_thumb_image'];?>" width="100px;"><br><br>
</div>

<div class="form-group text-center">
<input class="btn btn-primary" type="submit" name="update" value="Update">
</div>
</form>

**Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) — Dharman, Nov 09 '22 at 21:33

score 0 · Answer 1 · answered Nov 10 '22 at 03:07

0

You don't have a code that delete the files in php there's a function called unlink where you can delete a files but first you need fetch the path or filename and delete it before updating your data.

Here is the link of unlink. https://www.php.net/manual/en/function.unlink.php

answered Nov 10 '22 at 03:07

Alfredo Ramirez Jr.