<?php fopen($_GET[‘I am a noob!’], ‘w’); ?>

[pedrwvargas]

Hey guys! I'm new in this community and also new to php.

So I'm building my personal and very unsafe "cloud" and here's the first problem:

 

What I want to do is: when typing http://x.com/docs/?new=file.txt, create a file in that directory (docs/file.txt).

 

Here's my very simple code (docs/index.php):

<?php
fopen($_GET[‘new’], ‘w’);
?>

And here's the error I get:

Warning: fopen(): Filename cannot be empty in /home/u344093746/public_html/p/s/docs/index.php on line 2

I've already changed permissions for the directory docs/

 

Thanks in advance!*

 

*Mind my English, I'm Spanish. Soz if I make you get a lil bit confused...

Edited April 18, 2017 by pedrwvargas

[ginerjm]

Does your starting url have the query string appended to it or is it just 'docs/index.php'?

[Jacques1]

“Very unsafe” is an understatement. This is malware. It allows anybody to (over)write arbitrary files at arbitrary locations, because you blindly accept any path. Unless you want to demonstrate how easily bad software can be compromised (which is already well-known), you're doing it wrong.

 

Then your code is full of typographic quotes which PHP cannot process. Appearently you use something like Microsoft Word instead of an actual code editor to write your programs.

[pedrwvargas]

That was definitely the problem. Filezilla opened OpenOffice by default and was the only program I could use to instantly edit it and save it. I thought it'd be ok but I was wrong.

 

Thank you very much!