Jump to content

write some values in a txt file

rewriter

By rewriter
in PHP Coding Help

 Share

Recommended Posts

rewriter Newbie

rewriter

Posted
Posted

Hi all, i have a .txt file as this:

 

[paragraph1]
data1
data2
data_three...

[paragraph2]
data15
data other
data three...

[paragraph_other]
data1
some data
data_four...

 

From a page web, if a check the checkbox1 I want to write some data in append of paragraph1; if I click the checkbox2, I want append others values in paragraph2 and so on...

 

How can I do? con you help me with some code?

 

Thanks

Link to comment
Share on other sites
rewriter Newbie

rewriter

Posted
  • Author
Posted

add the new content at the position you want

how can i do this?

now, i using this code:

$op = file_get_contents($filename);

 

$op contains all the content txt file: i must to append some data only in [paragraph1] or [paragraph2]....

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

Try:

<?php

function get_paragraphs()
{
    $lines = file('data.txt');

    $cur_pgraph = null;
    $paragraph = array();
    foreach($lines as $line)
    {
        #$line = trim($line);

        if(eregi("^\[([a-z0-9\-_ ]+)\]", $line))
        {
            $cur_pgraph = trim(str_replace(array('[', ']'), '', $line));
            $paragraph[$cur_pgraph] = null;
        }
        else
        {
            $paragraph[$cur_pgraph] .= $line;
        }
    }

    return $paragraph;
}

if(isset($_POST['submit']))
{
    $output = null;
    foreach($_POST['paragraph'] as $data)
    {
        $title   = $data['title'];
        $content = $data['content'];

        $output .= "[$title]\n$content\n";
    }

    file_put_contents('data.txt', $output);

    header('Location: ' . $_SERVER['PHP_SELF']);
}
else
{
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0" cellpadding="5" cellspacing="1">
  <tr>
    <th colspan="2"><h1>Paragraph Editor</h1></th>
  </tr>
  <tr>
    <th width="150">Title</th>
    <th>Content</th>
  </tr>
<?php
    $i = 0;
    foreach(get_paragraphs() as $key => $data)
    {
        echo "  <tr valign=\"top\">\n    <td><input type=\"text\" name=\"paragraph[$i][title]\" value=\"$key\"></td>\n    ".
             "<td><textarea name=\"paragraph[$i][content]\" cols=\"60\" rows=\"6\">$data</textarea></td>\n  </tr>\n";

        $i++;
    }
?>
  <tr>
    <td colspan="2"><input type="submit" name="submit" value="Apply Changes" /></td>
  </tr>
</table>
</form>
<?php
}
?>

change data.txt to the name of the file that contains your paragaphs

Link to comment
Share on other sites
  • 3 weeks later...
puritania Newbie

puritania

Posted
Posted

Try:

<?php
...
header('Location: ' . $_SERVER['PHP_SELF']);
...
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
...

Why do you make a header Location? Very ugly! And the form action ... uuuhh, what about XSS? Uglier than ugly...

Link to comment
Share on other sites
discomatt Member

discomatt

Posted
Posted

I'm honestly not sure how someone would perform an XSS attack when the variables used are coming directly from the PHP engine.

 

Please expand... If I'm wrong on this one I'd like to know the possible vulnerabilities in using PHP_SELF

Link to comment
Share on other sites
discomatt Member

discomatt

Posted
Posted

I had used to header to clear the $_POST and for the changes to take affect, otherwise the browser will display the old values. I could of told the browser to not cache the page but it was only an example

 

I really don't think anything was wrong with your code.

Link to comment
Share on other sites
puritania Newbie

puritania

Posted
Posted

i don't know if you really know what xss (cross site scripting) is, but you should make everything to avoid it. You should !!!really!!! always use $_SERVER['SCRIPT_NAME'] instead of $_SERVER['PHP_SELF'] or write it as a plain text when using forms.

I had used to header to clear the $_POST and for the changes to take affect, otherwise the browser will display the old values. I could of told the browser to not cache the page
Please... if you really need or want to clear the $_POST Variable you can use $_POST = array(); and that's it. Regarding the header-stuff: Why don't you do it like this:

<?php
...

if(!empty($_POST['paragraph']))
{
    $output = null;
    foreach($_POST['paragraph'] as $data)
    {
        $title   = $data['title'];
        $content = $data['content'];

        $output .= "[$title]\n$content\n";
    }

    file_put_contents('data.txt', $output);
}
?>
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
<table border="0" cellpadding="5" cellspacing="1">
  <tr>
    <th colspan="2"><h1>Paragraph Editor</h1></th>
  </tr>
  <tr>
    <th width="150">Title</th>
    <th>Content</th>
  </tr>
<?php
    $i = 0;
    foreach(get_paragraphs() as $key => $data)
    {
        echo "  <tr valign=\"top\">\n    <td><input type=\"text\" name=\"paragraph[$i][title]\" value=\"$key\"></td>\n    ".
             "<td><textarea name=\"paragraph[$i][content]\" cols=\"60\" rows=\"6\">$data</textarea></td>\n  </tr>\n";

        $i++;
    }
?>
  <tr>
    <td colspan="2"><input type="submit" name="submit" value="Apply Changes" /></td>
  </tr>
</table>
</form>

As you can see, the header location is totally useless. Note: a header location to the same domain is useless in 99.9%. 2 other things: Don't check the submit button, check the data. Some browsers don't submit the button's value. And to save the data in text file with your scheme [] isn't really elegant. you should use xml or a database or if you want to keep it simple a serialized array. by the way, i see that you're using the eregi functions, these are old... you should use preg_match and co.

 

Sorry about the Objections, but i had to say it (although if you are a Genius Super Moderator ;))

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

i don't know if you really know what xss (cross site scripting) is, but you should make everything to avoid it. You should !!!really!!! always use $_SERVER['SCRIPT_NAME'] instead of $_SERVER['PHP_SELF'] or write it as a plain text when using forms.

I had used to header to clear the $_POST and for the changes to take affect, otherwise the browser will display the old values. I could of told the browser to not cache the page
Please... if you really need or want to clear the $_POST Variable you can use $_POST = array(); and that's it. Regarding the header-stuff: Why don't you do it like this:

<?php
...

if(!empty($_POST['paragraph']))
{
    $output = null;
    foreach($_POST['paragraph'] as $data)
    {
        $title   = $data['title'];
        $content = $data['content'];

        $output .= "[$title]\n$content\n";
    }

    file_put_contents('data.txt', $output);
}
?>
<form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
<table border="0" cellpadding="5" cellspacing="1">
  <tr>
    <th colspan="2"><h1>Paragraph Editor</h1></th>
  </tr>
  <tr>
    <th width="150">Title</th>
    <th>Content</th>
  </tr>
<?php
    $i = 0;
    foreach(get_paragraphs() as $key => $data)
    {
        echo "  <tr valign=\"top\">\n    <td><input type=\"text\" name=\"paragraph[$i][title]\" value=\"$key\"></td>\n    ".
             "<td><textarea name=\"paragraph[$i][content]\" cols=\"60\" rows=\"6\">$data</textarea></td>\n  </tr>\n";

        $i++;
    }
?>
  <tr>
    <td colspan="2"><input type="submit" name="submit" value="Apply Changes" /></td>
  </tr>
</table>
</form>

As you can see, the header location is totally useless. Note: a header location to the same domain is useless in 99.9%. 2 other things: Don't check the submit button, check the data. Some browsers don't submit the button's value. And to save the data in text file with your scheme [] isn't really elegant. you should use xml or a database or if you want to keep it simple a serialized array. by the way, i see that you're using the eregi functions, these are old... you should use preg_match and co.

 

Sorry about the Objections, but i had to say it (although if you are a Genius Super Moderator ;))

I'm understanding what you're saying but what I posted was to the OP needs. As for using xml or a database for storing the paragraphs, the OP already had the paragraphs in a text file. I wrote the code around what they already had.

 

As with the use of header I only added it in for an easy fix, because the browser was caching the page and not showing the new changes made when the form was submited. I know its not the best however it will do.

 

I do understand was xss is yes. I don't know what you're trying to prove.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.