PHP unlink Function
last modified April 3, 2025
The PHP unlink function deletes a file from the filesystem. It's
essential for file management operations in PHP applications.
Basic Definition
The unlink function removes a file specified by its path. It
returns true on success or false on failure. The function is binary-safe.
Syntax: unlink(string $filename, resource $context = null): bool.
The optional context parameter can be used with stream wrappers.
Basic unlink Example
This shows the simplest usage of unlink to delete a file.
<?php
declare(strict_types=1);
$file = "test.txt";
if (file_exists($file)) {
if (unlink($file)) {
echo "File deleted successfully";
} else {
echo "Error deleting file";
}
} else {
echo "File does not exist";
}
This checks if the file exists before attempting deletion. The unlink
function returns true if successful. Always verify file existence first.
Error Handling with unlink
Proper error handling is crucial when working with filesystem operations.
<?php
declare(strict_types=1);
$file = "nonexistent.txt";
try {
if (!unlink($file)) {
throw new RuntimeException("Could not delete $file");
}
echo "File deleted successfully";
} catch (RuntimeException $e) {
error_log($e->getMessage());
echo "Error: " . $e->getMessage();
}
This demonstrates exception handling for file deletion. The code attempts to delete a file and throws an exception if unsuccessful. Errors are logged.
Deleting Files with Relative Paths
unlink works with both absolute and relative file paths.
<?php
declare(strict_types=1);
$file = "../temp/old_data.csv";
if (is_writable($file)) {
if (unlink($file)) {
echo "Temporary file removed";
} else {
echo "Failed to remove temporary file";
}
} else {
echo "File not writable or doesn't exist";
}
This checks file permissions before deletion using is_writable.
Relative paths are resolved relative to the current working directory.
Using Context with unlink
The context parameter allows additional options for stream operations.
<?php
declare(strict_types=1);
$file = "ftp://user:pass@example.com/tmp/file.txt";
$options = ['ftp' => ['overwrite' => true]];
$context = stream_context_create($options);
if (unlink($file, $context)) {
echo "Remote file deleted successfully";
} else {
echo "Failed to delete remote file";
}
This shows how to delete a file via FTP using a stream context. The context provides authentication and additional FTP-specific options.
Secure File Deletion
Security considerations are important when deleting files in PHP.
<?php
declare(strict_types=1);
function secureDelete(string $path): bool {
if (!file_exists($path)) {
return false;
}
if (!is_file($path)) {
return false;
}
$realpath = realpath($path);
$allowedDir = realpath(__DIR__ . '/uploads');
if (strpos($realpath, $allowedDir) !== 0) {
return false;
}
return unlink($realpath);
}
$file = "uploads/user_upload.jpg";
if (secureDelete($file)) {
echo "File securely deleted";
} else {
echo "Deletion failed or not allowed";
}
This secure deletion function validates the file path thoroughly. It checks if the file exists, is a regular file, and is within an allowed directory.
Best Practices
- Check Permissions: Verify file is writable before deletion.
- Error Handling: Implement proper error handling mechanisms.
- Path Validation: Validate paths to prevent directory traversal.
- Backup: Consider backup before critical deletions.
- Logging: Log deletion operations for audit purposes.
Source
This tutorial covered the PHP unlink function with practical
examples showing file deletion in different scenarios with security in mind.