It seem your problem is:
There is no check to see if `$_POST['page']` exists.
You could do this:
$file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : '';
However, the whole script is a bit odd. Your entire form is this:
<form method='post' action=''>
<textarea cols="100" id="myBlog" name="editor1" rows="10" > <?php … Read More
Sorry Adolfo, I'm quite confused now.
As you mentioned 'admin' page, I'm assuming that only you (or trusted admins) will be able to create or edit pages. Otherwise, you may need to set up an 'alias' system like this: http://php.net/manual/en/security.filesystem.php#58832 (or have mad validation!).
To my mind you will need … Read More
The second script doesn't make much sense to me. Maybe
if(isset($_POST['myBlog']) && isset($_POST['save']))
$file = (file_exists($_POST['page'])) ? file_get_contents($_POST['page']) : '';
That will give you empty content if the file does not exist. Read More
You have an addition open <?php tag for some reason. That'll mess things up. ALso, no $_POST['page'] i.e. a field with a name attribute set to 'post' (name='post'). But you're using this to process the data. Can't see how that would work.
In addition, you may want to add some security to your textarea. If this is open to users, then they could paste all sorts of stuff like php code, js etc. If they know the filename, then they could execute some pretty nasty stuff on your server. A trivial piece of code may, for example, be able to list and retrieve all your files - including your "safe" files above public_html - so DB passwords etc. Once they have this, well no problem scraping your DB for user info. Even without the filename, they could do this - e.g. if opened by admin, it could send data via email and just echo some pretty inocuous stuff to thee screen - it would seem harmless enough.
This seems to be working fine. I see the text in the textarea in my HTML form. However when I save my model to the database, the value of my textarea is not saved. Before saving, I loop over the model to see what data the fields hold. And indeed $model1->Totalview is empty.Direct Distributed Web Development
Ciao....I wanted to do it for my sub-site shops and no database, very simple .. Your scripts is very professional and I am very difficult with "php" and "english".. I do this test. But it is impossible to improve the script AS above post ?? that list:
Open session...etc. etc.
if the post is on the same page and not added the value give errror:
Warning Filename can not be empty..... I have to solve to delete error.
When i add value is OK.
If form is in other page is always ok.