0

Hello....HELP, i have a script for saving textarea, but give me error and php is hardy for me:

  • Notice: Undefined index: page in C:\wamp\www*
    Warning: file_get_contents(): Filename cannot be empty in C:\wamp\www.....

    THE FORM HTML ... FOR CALL THE FILE

    <form action="" method="POST">
    pagina: <input type="text" name="page" value="" /> <p><input type="submit"></p> </form>

PHP ...Open the file

 <?php 

    if(isset($_POST['myBlog'],$_POST['save']))
    { 
    file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
    } 
    $file=file_get_contents($_POST['page']);
    ?>

TEXTAREA

<form method='post' action=''> <textarea cols="100" id="myBlog" name="editor1" rows="10"  > <?php
echo $file; 
 ?> <?php
<input type="submit" name="save" value="Save" /> </form> 
3
Contributors
22
Replies
110
Views
1 Year
Discussion Span
Last Post by Adolfo_1
Featured Replies
  • 2
    diafol 3,669   1 Year Ago

    It seem your problem is: $file=file_get_contents($_POST['page']); There is no check to see if `$_POST['page']` exists. You could do this: $file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : ''; However, the whole script is a bit odd. Your entire form is this: <form method='post' action=''> <textarea cols="100" id="myBlog" name="editor1" rows="10" > <?php … Read More

  • 1
    diafol 3,669   1 Year Ago

    Sorry Adolfo, I'm quite confused now. As you mentioned 'admin' page, I'm assuming that only you (or trusted admins) will be able to create or edit pages. Otherwise, you may need to set up an 'alias' system like this: http://php.net/manual/en/security.filesystem.php#58832 (or have mad validation!). To my mind you will need … Read More

  • 1
    diafol 3,669   1 Year Ago

    The second script doesn't make much sense to me. Maybe if(isset($_POST['myBlog']) && isset($_POST['save'])) { file_put_contents($_POST['page'], stripslashes($_POST['myBlog'])); } $file = (file_exists($_POST['page'])) ? file_get_contents($_POST['page']) : ''; That will give you empty content if the file does not exist. Read More

  • 1
    diafol 3,669   1 Year Ago

    if(isset($_POST['myBlog']) && isset($_POST['page'])) { file_put_contents($_POST['page'], stripslashes($_POST['myBlog'])); } $file = (file_exists($_POST['page'])) ? file_get_contents($_POST['page']) : ''; Read More

  • 1
    diafol 3,669   1 Year Ago

    Try: echo $_POST['page']; //example file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); Read More

2

It seem your problem is:

$file=file_get_contents($_POST['page']);

There is no check to see if $_POST['page'] exists.

You could do this:

$file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : '';

However, the whole script is a bit odd. Your entire form is this:

<form method='post' action=''> 
<textarea cols="100" id="myBlog" name="editor1" rows="10"  > <?php
echo $file; 
 ?> <?php
<input type="submit" name="save" value="Save" /> </form> 

You have an addition open <?php tag for some reason. That'll mess things up. ALso, no $_POST['page'] i.e. a field with a name attribute set to 'post' (name='post'). But you're using this to process the data. Can't see how that would work.

This too:

if(isset($_POST['myBlog'],$_POST['save']))

Do this:

if(isset($_POST['myBlog']) && isset($_POST['save']))

In addition, you may want to add some security to your textarea. If this is open to users, then they could paste all sorts of stuff like php code, js etc. If they know the filename, then they could execute some pretty nasty stuff on your server. A trivial piece of code may, for example, be able to list and retrieve all your files - including your "safe" files above public_html - so DB passwords etc. Once they have this, well no problem scraping your DB for user info. Even without the filename, they could do this - e.g. if opened by admin, it could send data via email and just echo some pretty inocuous stuff to thee screen - it would seem harmless enough.

Edited by diafol

0

Thanks for the reply. The open <?php tag is my error in copy. I applied the changes, but it does not save data.
The original script work and save the textarea, ma is for only one page. EXAMPLE:

<?php 
    if(isset($_POST['myBlog'],$_POST['save']))
    { 
    file_put_contents("blog1.html",stripslashes($_POST['myBlog'])); 
    } 
    $file=file_get_contents("blog1.html");
    ?>

I added a form to select the file to edit:

<form action="" method="POST">
 pagina: <input type="text" name="page" value="" />
<p><input type="submit"></p>
</form>

and then I changed the script as in the first post.

WHEN I SAVE ERROR IS IN ROW:

file_put_contents($file,stripslashes($_POST['editor1'])); 

This script should work from admin page.
If you can.....
Regards Adolfo

Edited by Adolfo_1

1

Sorry Adolfo, I'm quite confused now.

As you mentioned 'admin' page, I'm assuming that only you (or trusted admins) will be able to create or edit pages. Otherwise, you may need to set up an 'alias' system like this: http://php.net/manual/en/security.filesystem.php#58832 (or have mad validation!).

To my mind you will need 3 files: two form pages and a form handler page.

createform.php

<?php 
    session_start();
    $msg = '';
    $page = '';
    $content = '';
    if(isset($_SESSION['msg']))
    {
        $page = $_SESSION['msg']['page'];
        $msg = '<p class="'.$_SESSION['msg']['type'].'">' . $_SESSION['msg']['text'] . '</p>';
        $content = $_SESSION['msg']['content'];
        unset($_SESSION['msg']);
    }
?>

Later:

<?=$msg?>
<form action="includes/handler.php" method="pos<?=$page?>t">
    <label for="page">Pagina:</label>
    <input type="text" id="page" name="page" value="<?=$page?>" />
    <label for="content">Contenuto:</label>
    <textarea name="content" id="content"><?=$content?></textarea>
    <input type="hidden" name="returnpage" value="create" />
    <input type="submit" name="send" value="Invia" />
</form>

editform.php

<?php
session_start();
$msg = '';
$page = '';
$content = '';

if(isset($_SESSION['msg']))
{
    $page = $_SESSION['msg']['page'];
    $msg = '<p class="'.$_SESSION['msg']['type'].'">' . $_SESSION['msg']['text'] . '</p>';
    $content = $_SESSION['msg']['content'];
    unset($_SESSION['msg']);
}elseif(isset($_GET['page']) && file_exists('pages/' . $_GET['page'])){
    $page = $_GET['page'];
    $content = file_get_contents('pages/' . $_GET['page']);
}else{
    $msg = 'Questo file non esiste';
}

Then at the appropriate place in the page:

<?php if(isset($error)){ ?>

    <p><?=$error?></p>

<?php }else{ ?>

    <form method='post' action='includes/handler.php'>
        <label for="page">Pagina:</label>
        <input type="text" id="page" name="page" value="<?$page?>" />
        <label for="content">Contenuto:</label>
        <textarea name="content" id="content"><?=$content?></textarea>
        <input type="hidden" name="returnpage" value="edit" />
        <input type="submit" name="send" value="Accetta Modifiche" /> 
    </form> 

<?php } ?>

includes/handler.php

<?php
session_start();
$ret = '../createform.php'; //default

if(isset($_POST['page']) && isset($_POST['content']) && isset($_POST['returnpage']) && trim($_POST['page']) && trim($_POST['content'] && in_array($_POST['returnpage'], ['create', 'edit'])))
{

    $filename = $_POST['page'];
    $content = $_POST['content'];          

    //you may wish to validate or sanitize here before this next step

    if(file_put_content($filename, $content))
    {
        $_SESSION['msg'] = 
        [
            'page'=> ($_POST['returnpage'] == 'create') ? '' : $_POST['page'], 
            'content'=>($_POST['returnpage'] == 'create') ? '' : $_POST['content'],
            'type'=>'success',
            'text' => ($_POST['returnpage'] == 'create') ? 'Il file &egrave; stato creato' : 'Il file &egrave; stato modificato'
        ];
    }else{
        $_SESSION['msg'] = 
        [
            'page'=>$_POST['page'], 
            'content'=>$_POST['content'],
            'type'=>'error',
            'msg' => 'Impossibile ' . (($_POST['returnpage'] == 'create') ? 'creare': 'modificare') . ' il file. Controllare il nome e il contenuto.';
        ];
    }        
    $ret = '../' . $_POST['returnpage'] . 'form.php';
}else{
    $_SESSION['msg'] = 
    [
        'page'=>$_POST['page'], 
        'content'=>$_POST['content'],
        'type'=>'error',
        'msg'=>'Assicurarsi che il file ha un nome e alcuni contenuti'
    ];
}

header("Location: $ret");
exit;
?>

Sorry, that's abit messy was off the top of my head and typed it straight into the editor, so there will probably be typos. An idea, that's all.

0

This seems to be working fine. I see the text in the textarea in my HTML form. However when I save my model to the database, the value of my textarea is not saved. Before saving, I loop over the model to see what data the fields hold. And indeed $model1->Totalview is empty.Direct Distributed Web Development

Edited by BillTucker

0

Ciao....I wanted to do it for my sub-site shops and no database, very simple .. Your scripts is very professional and I am very difficult with "php" and "english".. I do this test. But it is impossible to improve the script AS above post ?? that list:

-fixed page THIS Save textarea

<?php 
    if(isset($_POST['myBlog'],$_POST['save']))
    { 
    file_put_contents("blog1.html",stripslashes($_POST['myBlog'])); 
    } 
    $file=file_get_contents("blog1.html");
    ?>

page variable from form THIS NOT SAVE texarea

<?php 
    if(isset($_POST['myBlog'],$_POST['save']))
    { 
    file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
    } 
    $file=file_get_contents($_POST['page']);
    ?>

Tomorrow I try your scrip... thanks

1

The second script doesn't make much sense to me. Maybe

if(isset($_POST['myBlog']) && isset($_POST['save']))
{ 
    file_put_contents($_POST['page'], stripslashes($_POST['myBlog'])); 
} 

$file = (file_exists($_POST['page'])) ? file_get_contents($_POST['page']) : '';

That will give you empty content if the file does not exist.

0

No....Unfortunately it does not work. when i save give error in 3 e 6

if(isset($_POST['myBlog']) && isset($_POST['save']))
{ 
    file_put_contents($_POST['page'], stripslashes($_POST['myBlog'])); 
} 
$file = (file_exists($_POST['page'])) ? file_get_contents($_POST['page']) : '';
1
if(isset($_POST['myBlog']) && isset($_POST['page']))
{ 
    file_put_contents($_POST['page'], stripslashes($_POST['myBlog'])); 
} 
$file = (file_exists($_POST['page'])) ? file_get_contents($_POST['page']) : '';
0

rien de rien..
Problem maybe he wants an absolute path, as the first case,

blog1.html    
//example
file_put_contents("blog1.html",stripslashes($_POST['myBlog']));  // this work

and not

$_POST['page']
//example
file_put_contents($_POST['page'],stripslashes($_POST['myBlog']));

select from initial form
idem for get_content

<form action="" method="POST">
Page: <input type="text" name="page" value="" />
<p><input type="submit"></p> </form>

Edited by Adolfo_1

1

Try:

echo $_POST['page'];
//example
file_put_contents($_POST['page'],stripslashes($_POST['myBlog']));
0

This entire file.It gives no errors in opening and closing, but does not save changes

<!DOCTYPE html>
<html>

<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>Senza nome 4</title>
</head>

<body>

<form action="" method="POST">
 pagina: <input type="text" name="page" value="" />
<p><input type="submit"></p>
</form>


<?php 
    if(isset($_POST['myBlog'],$_POST['save']))
    { 
    file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
    } 
    //$file=file_get_contents($_POST['page']);
    $file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : ''; 

?>


<form method='post' action=''> 
<textarea cols="100" id="myBlog" name="myblog" rows="10"  > 
<?php
echo $file; 
?> 

</textarea>


<input type="submit" name="save" value="Save" /> </form>    


</body>

</html>
1

Sorry Adolfo, you've confused th hell out of me.

So all of this is in one page?
Just so I understand.

This is the CREATE form:

<form action="" method="POST">
     pagina: <input type="text" name="page" value="" />
    <p><input type="submit"></p>
</form>

This form will send $_POST['page'] ONLY.

This is the EDIT form:

<form method='post' action=''> 
    <textarea cols="100" id="myBlog" name="myblog" rows="10"  > 
    <?php
    echo $file; 
    ?> 
    </textarea>
    <input type="submit" name="save" value="Save" /> 
</form>

This form will send $_POST['myblog'] and $_POST['save'] ONLY.

I assume the file has to be created before you edit it. :(

Your PHP code:

<?php 
    if(isset($_POST['myBlog'],$_POST['save'])) 
    { 
        file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
    } 
    //$file=file_get_contents($_POST['page']);
    $file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : ''; 
?>

I think I already pointed out that this CANNOT WORK.

    if(isset($_POST['myblog'],$_POST['save'])) 
    { 
        file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
    }

If myblog AND save ARE set, then page WILL NOT be set and vice versa

PHP does not save data in variables like this. Variables are washed away on each page refresh, form submission etc.

0

I Mistake in previous post:

<?php 
if(isset($_POST['editor1']) && isset($_POST['save']))  /* this is your */

//if(isset($_POST['myBlog'],$_POST['save']))
{ 
file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
} 
//$file=file_get_contents($_POST['page']);
$file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : '';    /*is  this your */
?>

then so it's impossible to save from input. That's a pity

1

It's not impossible to save from input. It's just your code is confused.

WHat is the purpose of this form?

<form action="" method="POST">
     pagina: <input type="text" name="page" value="" />
    <p><input type="submit"></p>
</form>

What is it supposed to do?

0

EXAMPLE =
i have the my firts script ( this work )
I should change "index6.html" from form for editing others file

<?php

if(isset($_POST['myBlog'],$_POST['save'])) 
{ 
file_put_contents("index6.html",stripslashes($_POST['editor1'])); 
} 
$file=file_get_contents("index6.html");

?> 

and then I did the second script:

 <?php 
    if(isset($_POST['myBlog'],$_POST['save']))
    { 
    file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
    } 
    $file=file_get_contents($_POST['page']);
    ?>

index6.html = (i.e. becomes) $_POST['page']

1

This is my point. $_POST['page'] does not exist in the second snippet. The form ONLY sends data that can be picked up by $_POST['myBlog'] and $_POST['save'].

0

But

$_POST['page']

open the file correctely in textarea with

$file=file_get_contents($_POST['page']);

GULP.....I have no basis for understanding very well

0

Yes it will because when you send

<form action="" method="POST">
     pagina: <input type="text" name="page" value="" />
    <p><input type="submit"></p>
</form>

$_POST['page'] exists and will run this code:

$file= (isset($_POST['page']) && trim($_POST['page'])) ? file_get_contents($_POST['page']) : ''; 

So you'll see the contents of $file in the textarea of the other form.

WHen you try to edit the content with this:

<form method='post' action=''> 
    <textarea cols="100" id="myBlog" name="myblog" rows="10"  > 
    <?php
    echo $file; 
    ?> 
    </textarea>
    <input type="submit" name="save" value="Save" /> 
</form>

It WON'T work because although the new content ('myBlog') is sent to the server, there is no 'page' field that can use this for file_put_contents():

if(isset($_POST['myBlog'],$_POST['save']))
{ 
    file_put_contents($_POST['page'],stripslashes($_POST['myBlog'])); 
} 
$file=file_get_contents($_POST['page']);

You will see and error about $_POST['page'].

I think I've mentioned this about a 100 times now. Non so cos'altro posso fare per farti capire.

Votes + Comments
+1 for your great "tenacia"... heh
0

SOLVED by me. It works very well. Simply using the $_SESSION that saves the data of the post FOR OTHER FUNCTIONS. As I thought it was possible. Regards.

0

Open session...etc. etc.
if the post is on the same page and not added the value give errror:
Warning Filename can not be empty..... I have to solve to delete error.
When i add value is OK.
If form is in other page is always ok.

if(isset($_POST['Myblog'],$_POST['save'])) 
{ 
file_put_contents($_SESSION['page'],stripslashes($_POST['Myblog'])); 
} 
$file=file_get_contents($_SESSION['page']); 
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.