I am having a sort of an issue with something.

I am writing a script where, the user inputs some information in a form, and based on that form, a new file is created.

The file which is created will actually become a webpage of .php type.

The problem I am having is in creating that webpage, I can't seem to make it so that the form posted data is used.

For instance, where I write $file to the page, it writes $file rather than the value of that variable.

I have tested to make sure that the variable itself is accurate by echoing $file as well.
Here is the code that I am using.

I am assuming that it has something to do with the fact that I have this string in single quotes, however, this is the only way that I could do it without having to type a bunch of escapes. Can someone please tell me if there is a way to do this same thing without the need for all the escapes? Or if there is something else wrong with the code?

<?
$file = $_POST[file];
$newstring = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form action="newfile.php" method="post" name="new">
<? echo $file; ?> <input name="file" type="text" size="30" maxlength="60" /><input name="" type="submit" value="CREATE FILE" />
</form>
</body>
</html>';
$newfile = fopen($file, "w+") or die ("could not create file.");
fclose($newfile);
$myfile = @fopen($file, "w+") or die ("could not open file.");
@fwrite($myfile, $newstring) or die ("could not write to file");
fclose($myfile);
$msg = "<p>File created <a href='$file'>$file</a> and it has stuff in it</p>";
?>

Thanks
Sage

replace
$file
with
chr(36) . file

and pliz make the inverted-commas in proper order.
\" will print out " only

<?
$file = isset($_POST['file']) ? $_POST['file']:"testfile.php";
$newstring = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<form action="newfile.php" method="post" name="new">';
echo $file;
$newstring.='<input name="file" type="text" size="30" maxlength="60" /><input name="" type="submit" value="CREATE FILE" />
</form>
</body>
</html>';
$newfile = fopen($file, "w+") or die ("could not create file.");
fclose($newfile);
$myfile = @fopen($file, "w+") or die ("could not open file.");
@fwrite($myfile, $newstring) or die ("could not write to file");
fclose($myfile);
$msg = "<p>File created <a href='$file'>$file</a> and it has stuff in it</p>";
echo $msg;
?>

There. This should work! You were using php tags in a variable which was already in a php script.

Cheers,
Naveen

Comments
This worked out great, thanks

Thanks to both of you for your replys.
The second one worked (obviously).
I'm not sure what you mean, Naju, by making the inverted commas in proper order.

I am assuming that you are talking about escapes, but, that's sort of the point, I am doing this without using escapes.

I will test out your suggestion just to see what it does, but, I have a feeling that all it will do is pring $file, rather than the value of that variable.

Thanks.
Sage

This question has already been answered. Start a new discussion instead.