Jump to content

Recommended Posts

I offer you this poorly designed editor useful (but dangerous if discovered by a hacker) for all sorts of applications where you want someone to be able to edit their files online.

 

I imagine most of you wil just copy my script and use it for yourself without trying to help me. That's fine. But will someone please help? I keep deleting important files by accident. Here's why: If you click on the x next to any named file within the directory it automatically deletes the file without a warning prompt. How do I use php to throw up that prompt "Are you sure you want to delete this file?"

 

Save this file as edit.php and upload it into a new folder. Make sure you give it full read write permissions. Also upload something to delete in there like a photo. When accessing the file it should list the contents of the directory it is in. You will see the simple editor I programmed and the "x" next to the file for deleting it.

 

Please help me design a pop up for the warning. In return well you have yourself an easy to use online editor. Password protecting this file is easy and I use it regularly. I just can't stand it when I delete a file accidentally:

 

 

<?php

 

 

if( ! isset( $_GET['file'] ) )

 

{

 

$_GET['file'] = ".";

 

}

 

 

 

if( $_GET['delete'] == 1 )

 

{

 

if( is_file( $_GET['file'] ) )

 

{

 

unlink( $_GET['file'] );

 

$_GET['file'] = dirname( $_GET['file'] );

 

$_GET['delete'] = 0;

 

}

 

}

 

 

 

if( $_GET['delete'] == 1 )

 

{

 

if( is_dir( $_GET['file'] ) )

 

{

 

rmdir( $_GET['file'] );

 

$_GET['file'] = dirname( $_GET['file'] );

 

$_GET['delete'] = 0;

 

}

 

}

 

 

 

if( isset( $_FILES['thefile'] ) ) {

 

 

 

$uploaddir = $_POST['path']."/";

 

$uploadfile = $uploaddir . $_FILES['thefile']['name'];

 

 

 

if (move_uploaded_file($_FILES['thefile']['tmp_name'], $uploadfile)) {

 

    chmod("$uploadfile", 0766);

 

}else{ echo "ERROR"; exit; }

 

 

 

$_GET['file'] = $_POST['path'];

 

 

 

}

 

 

 

 

 

 

 

if( is_file( $_GET['file'] ) )

 

{

 

$edit_file = 1;

 

}

 

 

 

if( is_dir( $_GET['file'] ) )

 

{

 

$show_directory = 1;

 

}

 

 

 

if( $_GET['create'] == 1 )

 

{

 

touch( $_POST['path']."/".$_POST['file'] );

 

$_GET['file'] = $_POST['path'];

 

}

 

 

 

if( $_GET['createdir'] == 1 )

 

{

 

mkdir( $_POST['path']."/".$_POST['file'] );

 

$_GET['file'] = $_POST['path'];

 

}

 

 

 

#get file contents function

 

if (!function_exists('file_get_contents'))

 

{

 

  function file_get_contents($filename, $use_include_path = 0)

 

  {

 

    $file = @fopen($filename, 'rb', $use_include_path);

 

    if ($file)

 

    {

 

      if ($fsize = @filesize($filename))

 

      {

 

        $data = fread($file, $fsize);

 

      }

 

      else

 

      {

 

        while (!feof($file))

 

        {

 

          $data .= fread($file, 1024);

 

        }

 

      }

 

      fclose($file);

 

    }

 

    return $data;

 

  }

 

}

 

 

 

#file_put_contents

 

if (!function_exists('file_put_contents')) {

 

  define('FILE_APPEND', 1);

 

  function file_put_contents($filename, $content, $flags = 0) {

 

    if (!($file = fopen($filename, ($flags & FILE_APPEND) ? 'a' : 'w')))

 

      return false;

 

    $n = fwrite($file, $content);

 

    fclose($file);

 

    `chmod 766 $filename`;

 

#, 0766);

 

    return $n ? $n : false;

 

  }

 

}

 

 

 

if( $_POST['submitter'] == 'Save and View' )

 

{

 

file_put_contents($_GET['file'],stripslashes($_POST['file_source']),"w");

 

$_GET['file'] = dirname( $_GET['file'] );

 

$show_directory = 1;

 

$edit_file = 0;

 

#header("Location: ".$_GET['file']);

 

}

 

 

 

 

 

 

 

?>

 

<html>

 

<head>

 

<script language="JavaScript" type="text/JavaScript">

 

function HandleKeyDown(obj) {

 

  var tabKeyCode = 9;

 

  if (event.keyCode == tabKeyCode && event.srcElement == obj) {

 

  obj.selection = document.selection.createRange();

 

  obj.selection.text = String.fromCharCode(tabKeyCode);

 

  event.returnValue = false;

 

  }

 

}

 

</script>

 

<title>reditor</title>

 

</head>

 

 

 

<!-- show a directory -->

 

<?php if( $show_directory ) { ?>

 

<p>DIRECTORY: <?= $_GET['file'] ?></p>

 

<table>

 

<?php

 

if ($handle = opendir( $_GET['file'] )) {

 

  while (false !== ($file = readdir($handle))) {

 

    if ($file != "." && $file != "..") {

 

  $dir = "";

 

  $delete = "x";

 

if( is_dir( $file ) )

 

{

 

  $dir = "/";

 

 

 

}

 

  ?>

 

 

 

      <tr>

 

  <td><a href = "?file=<?= $_GET['file'] ?>/<?=$file?>"><?= $file ?><?= $dir ?></a></td>

 

  <td><a href = "?file=<?= $_GET['file'] ?>/<?=$file?>&delete=1"><?= $delete ?></a></td>

 

  </tr>

 

    <?php }

 

  }

 

  closedir($handle);

 

}

 

?>

 

</table>

 

<form action = "?create=1" method = "POST">

 

<input type = "text" name = "file" >

 

<input type = "hidden" name = "path" value = "<?= $_GET['file'] ?>">

 

<input type = "submit" value = "Create New File">

 

</form>

 

 

 

<form action = "?createdir=1" method = "POST">

 

<input type = "text" name = "file" >

 

<input type = "hidden" name = "path" value = "<?= $_GET['file'] ?>">

 

<input type = "submit" value = "Create New Dir">

 

</form>

 

 

 

 

 

<form enctype="multipart/form-data" action = "?upload=1" method = "POST">

 

<input type = "file" name = "thefile" >

 

<input type = "hidden" name = "path" value = "<?= $_GET['file'] ?>">

 

<input type = "submit" value = "Upload File">

 

</form>

 

 

 

<?php } ?>

 

 

 

 

 

<!-- edit a file -->

 

<?php if( $edit_file ) { ?>

 

<?php $file_src = file_get_contents( $_GET['file'] ); ?>

 

<body>

 

<h2>Editing <?= $_GET['file'] ?></h2>

 

<form name="sited" enctype="multipart/form-data" METHOD="POST" ACTION="">

 

<textarea name="file_source" wrap="OFF" style="height:580px; width:840px "ONKEYDOWN="HandleKeyDown(this);"><?php echo $file_src; ?></textarea>

 

<br />

 

<input type="submit" name="submitter" value="Save and View">

 

</form>

 

<?php } ?>

 

 

</html>

 

 

Thank you for anyone who can solve my problem.

 

[attachment deleted by admin]

tldr (too long didn't read)

 

PHP doesn't do popups, javascript does.

Of course if you have javascript disabled you still wouldn't get a warning.. so you'd simply have to adept your page to no instantly delete but do a "Are you sure" first.

 

But since you're asking for a popup.. http://www.w3schools.com/JS/js_popup.asp

The confirm box is what you're asking for, but you might want to check the prompt box as well.. you could make it so you have to type "yes" before pressing ok to delete a file. That way you wont accidentally delete anything.. not even while typing or trying to press something else on the screen.

Could you show me a sample of where to include that "yes" or "no" field when I click the X? Any solution in php will work I don't care whether it's a pop up or not. I know I said "pop up" but I am not looking for a javascript solution I do not know who to integrate java into the php. Please help! ;)

If you're constantly "accidentally" deleting important files, the likelihood of you continuing to do so even with a confirmation dialogue is probably still pretty high (no offense...).  I would suggest for you to instead of deleting the file, have your script move it to a folder called "pendingdeletes" or something.  That way if you "accidentally" delete it, you can go retrieve it.

Lol.

 

Or you could do something like

 

$del = $_GET['del'];
if(!isset($del))
{
echo 'confirm please.<br /><a href="'.$_SERVER['REQUEST_URI'].'?del=1">Continue</a>';
}
else
{
//delete stuff....
}

 

I do it like that, except I use POST data so my URLs stay moderately neat :D

ok crayon violent. Thanks for your input, although I didn't expect being criticized for deleting files by a moderator. :-\

 

Um..

 

jackpf you rock! Nice of you to step in there with some php to look at. I just need a workable solution to solve my complaints. 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.