ralphuk100
asked on
open/edit/save text files in form text area.
I am in desparate need of a page that has a list of text files that can be edited (I can do that). The page I can't do is the one to open the chosen text file (through querystring $_GET['file']) into a form textarea field, allow it to be edited, and then saved back over the top of the existing file. Preferably it would create a backup of the file it is re-saving.
Thanks.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
snoyes_jw
Sorry, the method=post should go in the form tag, not the hidden input tag, and $filename won't be defined until after the $filename = $_GET['file'], so move the hidden input tag to after the text area.
I recommend adding a htmlentities() to snoyes_jw's code, since his has XSS vulnerabilities.
If you have a page with the following contents(although you shouldn't), it will cause problems:
##########################
</textarea>
<script language="javascript">
<!--
do_bad_evil_stuff();
//-->
</script>
##########################
You are going to have problems.
to get around this problem, you can htmlspecialchars the contents of the textarea.
replace
echo fread ($handle, filesize ($filename));
with
echo htmlspecialchars(fread ($handle, filesize ($filename)));
If you have a page with the following contents(although you shouldn't), it will cause problems:
##########################
</textarea>
<script language="javascript">
<!--
do_bad_evil_stuff();
//-->
</script>
##########################
You are going to have problems.
to get around this problem, you can htmlspecialchars the contents of the textarea.
replace
echo fread ($handle, filesize ($filename));
with
echo htmlspecialchars(fread ($handle, filesize ($filename)));