Jump to content

Write a php config file based off of a form.......


TGWSE_GY

Recommended Posts

What I am wanting to do something similar to this:

 

1. the user uploads the files to the server

2. the user loads the script

3. the script see's that its the first time being run

3-1. the script loads a form asking for:

3-1-a. Host

3-1-b. User

3-1-c. Password

3-1-d. Database Name

4. User presses the next button

5. The credentials are tested

6. Upon success config.db.php is written with the above database connection info in it.

 

Here is what I have so far, maybe someone can tell me how far off I am......

FORM

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Database Configuration</title>
<link rel="stylesheet" type="text/css" href="view.css" media="all">
<script type="text/javascript" src="view.js"></script>

</head>
<body id="main_body" >

<img id="top" src="top.png" alt="">
<div id="form_container">

	<h1><a>Database Configuration</a></h1>
	<form id="form_220518" class="appnitro"  method="post" action="process.form.php">
				<div class="form_description">
		<h2>Database Configuration</h2>
		<p>We will set your mySQL Database information.</p>
	</div>						
		<ul >

				<li id="li_1" >
	<label class="description" for="hostname">Hostname: </label>
	<div>
		<input id="hostname" name="hostname" class="element text large" type="text" maxlength="255" value=""/> 
	</div><p class="guidelines" id="guide_1"><small>Enter your mySQL Database Server address here. Usually localhost will do however some hosts require your to use http://mysql.mydomain.com</small></p> 
	</li>		<li id="li_2" >
	<label class="description" for="username">Username: </label>
	<div>
		<input id="username" name="username" class="element text medium" type="text" maxlength="255" value=""/> 
	</div><p class="guidelines" id="guide_2"><small>Enter your mySQL Database Server Username</small></p> 
	</li>		<li id="li_3" >
	<label class="description" for="password">Password: </label>
	<div>
		<input id="password" name="password" class="element text medium" type="username" maxlength="255" value=""/> 
	</div><p class="guidelines" id="guide_3"><small>Enter your mySQL Database Server Password</small></p> 
	</li>		<li id="li_4" >
	<label class="description" for="database">Database: </label>
	<div>
		<input id="database" name="database" class="element text medium" type="text" maxlength="255" value=""/> 
	</div><p class="guidelines" id="guide_4"><small>please enter your mySQL Database Name</small></p> 
	</li>

				<li class="buttons">
		    
		    
			<input id="saveForm" class="button_text" type="submit" name="submit" value="Proceed" />
	</li>
	  </ul>
	</form>	
	<div id="footer">
		Generated by <a href="http://www.phpform.org">pForm</a>
	</div>
</div>
<img id="bottom" src="bottom.png" alt="">
</body>
</html>

 

Proccess

<?php
	$host = $_POST['hostname'];
	$user=$_POST['username'];
	$pass=$_POST['password'];
	$db  =$_POST['database'];

	if(mysql_connect($host,$user,$pass){
		if(mysql_select_db($db)){
			$file="../../../content/db.config.php";
			$handle=fopen($file, 'w');
			$data="<?php $host=$host; $user=$user; $pass=$pass; $db=$db; $conn=mysql_connect($host, $user, $pass); $selectdb=mysql_select_db($db); ?>";
			fwrite($handle, $data);
			fclose($handle);
		}else{
			//Later there will have to be an error document placed here
			echo("Please press back and refill out the form the database name is incorrect.");
		}
	}else{
		//Later there will have to be an error document placed here
		echo("Please press back and refill out the form the Hostname, Username, or Database is incorrect");
	}
?>

 

Thanks Guys

;D

You might at least start by escaping the $ signs so that your variables don't interpolate.

 

$data="<?php \$host=$host; \$user=$user; \$pass=$pass; \$db=$db; \$conn=mysql_connect(\$host, \$user, \$pass); \$selectdb=mysql_select_db(\$db); ?>";

 

I would not be putting an php code in there though (not that I would use this method at all), but just variable assignments.

What he means is use flat files, which is very very bad mmmkay, it means anyone can read the file unless you restrict it etc not needed just use native php like so:

 

$host = custom_sanitize_func($_POST['host']);
$user = custom_sanitize_func($_POST['user']);
$pass = custom_sanitize_func($_POST['pass']);

$PHP_TEMPLATE_FILE = '<?php

$config_host = "'.$host.'";
$config_user = "'.$user.'";
$config_pass = "'.$pass.'";

?>';

$fname = "config.php";

// Delete
if(file_exists($fname)){ unlink($fname); }
/ Make a new file
$file = fopen($fname,"a+");
fwrite($file, $PHP_TEMPLATE_FILE);
fclose($file);

 

-CB-

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.