Fwrite to certain area on a page

[tox0tes]

Here is my problem: I have a page called install.php that is just a user entry form. Each textfield is associated with a string on another page, variables.php. I want people to be able to type in a value in the text field and have that value fwrited to the value of the string on the other page. Is this possible?

[alexgeek]

Can be done with classes like i said

[tox0tes]

I do have classes. I have it all set up to do this, but I am having a little problem with the strings actually executing before they are fwrited to the variables.php page.

Here is install.php (only the strings siteurl and password are being utilized) (variables.txt is a blank text file):

PHP: Select all

<?php
if($_POST['Submit']){
$open = "variables.txt";
$fh = fopen($open, 'a') or die("can't open file");
$siteurl1 = $_POST['siteurl'];
fwrite($fh, "$siteurl = '".$siteurl1."';\n");
$password1 = $_POST['password'];
fwrite($fh, "$password = '".$password1."';\n");
fclose($fh);
echo "Changes Saved.";
}else{
echo "<form action='".$PHP_SELF."' method='post'>Web Site URL (i.e. http://www.yoursite.com)<input id='siteurl' name='siteurl' type='text'><br>Make up a password <input id='password' name='password' type='text'><br><br><table cellpadding='0' cellspacing='0'><tr><td valign='top'>Page 1 without extension (i.e. home)<input id='page1' name='page1' type='text'><br>Page 2 without extension (i.e. about)<input id='page2' name='page2' type='text'><br>Page 3 without extension (i.e. history)<input id='page3' name='page3' type='text'><br>Page 4 without extension (i.e. directions)<input id='page4' name='page4' type='text'><br>Page 5 without extension (i.e. gallery)<input id='page5' name='page5' type='text'><br>Page 6 without extension (i.e. products)<input id='page6' name='page6' type='text'><br>Page 7 without extension (i.e. downloads)<input name='page7' type='text'><br>Page 8 without extension (i.e. forums)<input name='page8' type='text'><br>Page 9 without extension (i.e. prices)<input name='page9' type='text'><br>Page 10 without extension (i.e. contact)<input name='page10' type='text'></td><td valign='top'><br>Name of image folder 1 (i.e. art)<input name='pics1directory' type='text'><br>Name of image folder 2 (i.e. people)<input name='pics2directory' type='text'><br>Name of image folder 3 (i.e. places)<input name='pics3directory' type='text'></td></tr></table><input name='Submit' type='submit' value='Submit' /></form>";
}
?>

However, when I run install.php, the resulting variables.txt file contains this:

Code: Select all

 = 'http://www.danedesigns.com';
 = 'great';

It shows that the text I want (which is wrapped in quotes, so should not be executing), is in fact executing before it is written to the page.

[alexgeek]

could you not create a class called settings, like this:

PHP: Select all

new Settings {
static variables = array(
'siteurl' => 'default',
'password' => 'default'
);
} 

then use do some thing like Settings::variables['siteurl'] = $variable;

[tox0tes]

I got the thing working almost. Now the problem is that when I use the include code:

PHP: Select all

<?php include "variables.txt"; ?>

It doesn't execute what is contained in the include, so it is simply displayed as plain text on the page.

I am afraid that I will have to put the <?php and ?> in the variables.txt file for it to execute, but that would make things much more complicated since all the content from variables.txt is generated from the fwrite...

[alexgeek]

this file will contain the password to the cms..
and you gave the extension ext
anyone can come along and view it and see the password

[afmanuk]

Nah nah nah... You need to escape the $ by using backslashes, cause echo "$var"; will echo the contents of the $var variable, and because $siteurl and $password are not set, it writes nullspace to the file...
Should look like this...

PHP: Select all

$siteurl1 = $_POST['siteurl'];
fwrite($fh, "\$siteurl = '".$siteurl1."';\n");
$password1 = $_POST['password'];
fwrite($fh, "\$password = '".$password1."';\n"); 

Works similar to the \n

[bahy]

okay afmanuk !
i works too :

PHP: Select all

$siteurl1 = $_POST['siteurl'];
fwrite($fh, '$siteurl = \''.$siteurl1."';\n");
$password1 = $_POST['password'];
fwrite($fh, '$password = \''.$password1."';\n"); 

finaly u have to use " \ " !!

[tox0tes]

Quote:

this file will contain the password to the cms..
and you gave the extension ext
anyone can come along and view it and see the password

Yeah, that's a problem. For the time being, this include page has a randomly generated name so people can't just guess it. Also, they can't browse the contents of the admin folder, so technically, there shouldn't be a way to view the contents of this text file. Right?

As for the problem, I got it fixed by putting a $-variablename and then used string replace to take out the "-" before it is processed. This seemed to work. THanks for the help.

[alexgeek]

Quote:

Originally Posted by danedesigns

Yeah, that's a problem. For the time being, this include page has a randomly generated name so people can't just guess it. Also, they can't browse the contents of the admin folder, so technically, there shouldn't be a way to view the contents of this text file. Right?

As for the problem, I got it fixed by putting a $-variablename and then used string replace to take out the "-" before it is processed. This seemed to work. THanks for the help.

Wouldn't it be easier just to make it a php file?