Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

open/edit/save text files in form text area.

Posted on 2003-11-10
3
Medium Priority
?
1,917 Views
Last Modified: 2006-11-17
I am in desparate need of a page that has a list of text files that can be edited (I can do that). The page I can't do is the one to open the chosen text file (through querystring $_GET['file']) into a form textarea field, allow it to be edited, and then saved back over the top of the existing file. Preferably it would create a backup of the file it is re-saving.

Thanks.
0
Comment
Question by:ralphuk100
  • 2
3 Comments
 
LVL 33

Accepted Solution

by:
snoyes_jw earned 380 total points
ID: 9716809
page1.php:

<form action="page2.php">
<input name = "fileName" type="hidden" value="<?php echo $filename?>" method="POST">
<textarea name="somecontent">
<?php
// read the file contents
$filename = $_GET['file'];
$handle = fopen($filename, 'r');
echo fread ($handle, filesize ($filename));
fclose ($handle);
?>
</textarea>
</form>


page2.php:

<?php
// backup the file
copy ($_POST'fileName'], $_POST['fileName'] . "backup");
// write over the file
$handle = fopen($filename, 'w');
fwrite($handle, $_POST['somecontent']);
fclose($handle);
?>
0
 
LVL 33

Expert Comment

by:snoyes_jw
ID: 9716817
Sorry, the method=post should go in the form tag, not the hidden input tag, and $filename won't be defined until after the $filename = $_GET['file'], so move the hidden input tag to after the text area.
0
 
LVL 6

Expert Comment

by:aolXFT
ID: 9718153
I recommend adding a htmlentities() to snoyes_jw's code, since his has XSS vulnerabilities.

If you have a page with the following contents(although you shouldn't), it will cause problems:

##############################

</textarea>

<script language="javascript">
<!--
do_bad_evil_stuff();

//-->
</script>

##############################

You are going to have problems.

to get around this problem, you can htmlspecialchars the contents of the textarea.

replace

echo fread ($handle, filesize ($filename));

with

echo htmlspecialchars(fread ($handle, filesize ($filename)));
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days socially coordinated efforts have turned into a critical requirement for enterprises.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo‚Ķ
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question