Solved

open/edit/save text files in form text area.

Posted on 2003-11-10
3
1,909 Views
Last Modified: 2006-11-17
I am in desparate need of a page that has a list of text files that can be edited (I can do that). The page I can't do is the one to open the chosen text file (through querystring $_GET['file']) into a form textarea field, allow it to be edited, and then saved back over the top of the existing file. Preferably it would create a backup of the file it is re-saving.

Thanks.
0
Comment
Question by:ralphuk100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 33

Accepted Solution

by:
snoyes_jw earned 95 total points
ID: 9716809
page1.php:

<form action="page2.php">
<input name = "fileName" type="hidden" value="<?php echo $filename?>" method="POST">
<textarea name="somecontent">
<?php
// read the file contents
$filename = $_GET['file'];
$handle = fopen($filename, 'r');
echo fread ($handle, filesize ($filename));
fclose ($handle);
?>
</textarea>
</form>


page2.php:

<?php
// backup the file
copy ($_POST'fileName'], $_POST['fileName'] . "backup");
// write over the file
$handle = fopen($filename, 'w');
fwrite($handle, $_POST['somecontent']);
fclose($handle);
?>
0
 
LVL 33

Expert Comment

by:snoyes_jw
ID: 9716817
Sorry, the method=post should go in the form tag, not the hidden input tag, and $filename won't be defined until after the $filename = $_GET['file'], so move the hidden input tag to after the text area.
0
 
LVL 6

Expert Comment

by:aolXFT
ID: 9718153
I recommend adding a htmlentities() to snoyes_jw's code, since his has XSS vulnerabilities.

If you have a page with the following contents(although you shouldn't), it will cause problems:

##############################

</textarea>

<script language="javascript">
<!--
do_bad_evil_stuff();

//-->
</script>

##############################

You are going to have problems.

to get around this problem, you can htmlspecialchars the contents of the textarea.

replace

echo fread ($handle, filesize ($filename));

with

echo htmlspecialchars(fread ($handle, filesize ($filename)));
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question