Jump to content

file creation


onthespot

Recommended Posts

Hey, I am trying to get an email activation working.

The idea is that when the database is added to (new registration), the following will occur.

 

  $num = rand(1, 9999999999);
  $file = "activation/".$num.".".$subuser.".php";
          $content = "<?php\n\n"
                    . 'require_once \'../include/constants.php\';' . "\n\n"
                    . '$link = mysql_connect(DB_SERVER,DB_USER,DB_PASS) or die(mysql_error());' . "\n\n"
                    . 'mysql_select_db(DB_NAME,$link) or die(mysql_error());' . "\n\n"
                    . '$q = "UPDATE `users` SET `userlevel` = 1 WHERE `username` = \'' . $subuser  . "'\";\n\n"
                    . 'mysql_query($q, $link);' . "\n\n"
                    . '?>';



  if($fp = fopen($file, 'a')){
    fwrite($fp, $content."\n");
    fclose($fp);
  }

 

Any idea why the file isn't being created?

Link to comment
https://forums.phpfreaks.com/topic/169634-file-creation/
Share on other sites

<?php
error_reporting(E_ALL); 
ini_set("display_errors", 1);   
$num = rand(1, 9999999999);
  $file = "activation/".$num.".".$subuser.".php";
          $content = "<?phpnn"
                    . 'require_once \'../include/constants.php\';' . "nn"
                    . '$link = mysql_connect(DB_SERVER,DB_USER,DB_PASS) or die(mysql_error());' . "nn"
                    . 'mysql_select_db(DB_NAME,$link) or die(mysql_error());' . "nn"
                    . '$q = "UPDATE `users` SET `userlevel` = 1 WHERE `username` = '' . $subuser  . "'\";\n\n"
                    . 'mysql_query($q, $link);' . "\n\n"
                    . ?>';



  if($fp = fopen($file, 'a')){
    fwrite($fp, $content."\n");
    fclose($fp);
  }
?>

Link to comment
https://forums.phpfreaks.com/topic/169634-file-creation/#findComment-894948
Share on other sites

      else{
         if($database->addNewUser($subuser, md5($subpass), $subemail, $subname1, $sublocation, $subx360gt, $subps3gt, $subpcgt)){
  error_reporting(E_ALL); 
ini_set("display_errors", 1);   
  $num = rand(1, 9999999999);
  $file = "activation/".$num.".".$subuser.".php";
          $content = "<?php\n\n"
                    . 'require_once \'../include/constants.php\';' . "\n\n"
                    . '$link = mysql_connect(DB_SERVER,DB_USER,DB_PASS) or die(mysql_error());' . "\n\n"
                    . 'mysql_select_db(DB_NAME,$link) or die(mysql_error());' . "\n\n"
                    . '$q = "UPDATE `users` SET `userlevel` = 1 WHERE `username` = \'' . $subuser  . "'\";\n\n"
                    . 'mysql_query($q, $link);' . "\n\n"
                    . '?>';



  if($fp = fopen($file, 'a')){
    fwrite($fp, $content."\n");
    fclose($fp);
  }
  


  if(EMAIL_WELCOME){
      $mailer->sendWelcome($subuser,$subemail,$subpass,$file);
  }
  return 0;  //New user added succesfully
}else{
  return 2;  //Registration attempt failed
}
      }

 

That just wont make the file? Its just not there!

Link to comment
https://forums.phpfreaks.com/topic/169634-file-creation/#findComment-894951
Share on other sites

What? ???? What kind of error did you get?

Remove the if statement around your file creation and just create the file.

<?php
if($fp = fopen($file, 'a')){
    fwrite($fp, $content."\n");
    fclose($fp);
  }

?>

Should just be:

<?php
$fp = fopen($file, 'a');
fwrite($fp, $content."\n");
fclose($fp);
?>

If you want to test for the failure of the fopen check to see if $fp is equal to FALSE.

Link to comment
https://forums.phpfreaks.com/topic/169634-file-creation/#findComment-894965
Share on other sites

      else{
         if($database->addNewUser($subuser, md5($subpass), $subemail, $subname1, $sublocation, $subx360gt, $subps3gt, $subpcgt)){
  error_reporting(E_ALL); 
ini_set("display_errors", 1);   
  $num = rand(1, 9999999999);
  $file = "activation/".$num.".".$subuser.".php";
          $content = "<?php\n\n"
                    . 'require_once \'../include/constants.php\';' . "\n\n"
                    . '$link = mysql_connect(DB_SERVER,DB_USER,DB_PASS) or die(mysql_error());' . "\n\n"
                    . 'mysql_select_db(DB_NAME,$link) or die(mysql_error());' . "\n\n"
                    . '$q = "UPDATE `users` SET `userlevel` = 1 WHERE `username` = \'' . $subuser  . "'\";\n\n"
                    . 'mysql_query($q, $link);' . "\n\n"
                    . '?>';



  if($fp = fopen($file, 'a')){
    fwrite($fp, $content."\n");
    fclose($fp);
  }
  


  if(EMAIL_WELCOME){
      $mailer->sendWelcome($subuser,$subemail,$subpass,$file);
  }
  return 0;  //New user added succesfully
}else{
  return 2;  //Registration attempt failed
}
      }

 

That just wont make the file? Its just not there!

 

It doesn't create the file because PHP ends on that ?> tag you have in contents. It's not properly escaped.

 

if($database->addNewUser($subuser, md5($subpass), $subemail, $subname1, $sublocation, $subx360gt, $subps3gt, $subpcgt)) {
    error_reporting(E_ALL); 
    ini_set("display_errors", 1);   
    $num = rand(1, 9999999999);
    $file = "activation/".$num.".".$subuser.".php";
    $content = '<' . "?php\n\n"
    . 'require_once \'../include/constants.php\';' . "\n\n"
    . '$link = mysql_connect(DB_SERVER,DB_USER,DB_PASS) or die(mysql_error());' . "\n\n"
    . 'mysql_select_db(DB_NAME,$link) or die(mysql_error());' . "\n\n"
    . '$q = "UPDATE `users` SET `userlevel` = 1 WHERE `username` = \'' . $subuser  . "'\";\n\n"
    . 'mysql_query($q, $link);' . "\n\n"
    . '?' . '>';

    if($fp = fopen($file, 'a')){
    fwrite($fp, $content."\n");
    fclose($fp);
    }

    if(EMAIL_WELCOME){
        $mailer->sendWelcome($subuser,$subemail,$subpass,$file);
    }
    return 0;  //New user added succesfully
} else {
    return 2;  //Registration attempt failed
}

Link to comment
https://forums.phpfreaks.com/topic/169634-file-creation/#findComment-895021
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.