Hey...I am pretty new at php and I need this:
A Form, where someone types in something like newpage and it redirects to index.php?page=newpage ...only what they type...The CMS I am working on makes a new page when you type one that isn't already there into the page=thing lol ...Does anyone know how to do this?
Full Version: Need Some Php Help
If you use fopen with 'w' or 'a' access mode (write or append) then the file (if it doesn't exist) will be created:
You can also use touch if all you want to do is create it.
To check if it does exist you can use file_exists.
You'll need sufficient permissions to write to a directory though, chmod of 600 would be fine.
CODE
$fp = fopen('./chmodded-dir/foo.txt', 'w');
fwrite($fp, 'Hello world');
fclose($fp);
fwrite($fp, 'Hello world');
fclose($fp);
You can also use touch if all you want to do is create it.
To check if it does exist you can use file_exists.
You'll need sufficient permissions to write to a directory though, chmod of 600 would be fine.
I already have the system...all I need it a form that when they type in the new page's name it takes you to the page thus making it,
Say they type in aboutme into the form, when they submit it needs to take them to index.php?page=aboutme and it will make the page auto because the page wasn't already there...all I need is the form...
I already have the system...all I need it a form that when they type in the new page's name it takes you to the page thus making it,
Say they type in aboutme into the form, when they submit it needs to take them to index.php?page=aboutme and it will make the page auto because the page wasn't already there...all I need is the form...
Say they type in aboutme into the form, when they submit it needs to take them to index.php?page=aboutme and it will make the page auto because the page wasn't already there...all I need is the form...
I already have the system...all I need it a form that when they type in the new page's name it takes you to the page thus making it,
Say they type in aboutme into the form, when they submit it needs to take them to index.php?page=aboutme and it will make the page auto because the page wasn't already there...all I need is the form...
A form is not php, that's HTML:
http://www.w3schools.com/html/html_forms.asp
If you want to know how to redirect:
http://www.php.net/header
Why did you repeat the same bit twice?
http://www.w3schools.com/html/html_forms.asp
If you want to know how to redirect:
http://www.php.net/header
Why did you repeat the same bit twice?
Double posted I think lol
Will the html do this...what I kinda have an idea of now is like:
and in the form, the field they type the page's name into will have name="pagename" ...would that work?
Will the html do this...what I kinda have an idea of now is like:
CODE
<?php
header("Location: http://www.example.com/index.php?page=$pagename");
exit;
?>
header("Location: http://www.example.com/index.php?page=$pagename");
exit;
?>
and in the form, the field they type the page's name into will have name="pagename" ...would that work?
i need to learn php >.>
CODE
<?php
$postVar = $_POST['pageTitle'];
header("Location: http://site.com/index.php?page='$postVar'");
exit();
?>
$postVar = $_POST['pageTitle'];
header("Location: http://site.com/index.php?page='$postVar'");
exit();
?>
That should do what you want
QUOTE(Perry @ Oct 15 2007, 02:22 AM) 
CODE
<?php
$postVar = $_POST['pageTitle'];
header("Location: http://site.com/index.php?page='$postVar'");
exit();
?>
$postVar = $_POST['pageTitle'];
header("Location: http://site.com/index.php?page='$postVar'");
exit();
?>
That should do what you want
Thanks
No problem.
Doh..
Be sure to filter this $postVar.
Keeping it as is, very bad idea.
Never trust user input,
Keeping it as is, very bad idea.
Never trust user input,
urgh php talk ><
QUOTE(Zytran @ Oct 16 2007, 05:13 AM)
Be sure to filter this $postVar.
Keeping it as is, very bad idea.
Never trust user input,
Keeping it as is, very bad idea.
Never trust user input,
PHP from versions 4.4.2 and 5.1.2 detects if there are extraneous headers by detecting new lines which would of been the only thing to cause it real trouble (header injection), for XSS vulns the server sends the location request header, so it can't interpret 'java script:dosomethingwithacookie()' as a known protocol wrapper, so it just gives you blank output.
Only filtering I would do would is urlencode it for compliance. Then again, better to be safe than sorry.
Feel free to prove me wrong
QUOTE(Bread @ Oct 16 2007, 09:38 AM)
PHP from versions 4.4.2 and 5.1.2 detects if there are extraneous headers by detecting new lines which would of been the only thing to cause it real trouble (header injection), for XSS vulns the server sends the location request header, so it can't interpret 'java script:dosomethingwithacookie()' as a known protocol wrapper, so it just gives you blank output.
Only filtering I would do would is urlencode it for compliance. Then again, better to be safe than sorry.
Feel free to prove me wrong
Only filtering I would do would is urlencode it for compliance. Then again, better to be safe than sorry.
Feel free to prove me wrong
Are you telling me that sending XSS threw request headers is safe?
Who said anything about sending 'java script:dosomethingwithacookie()' threw request headers?
Let me say this again...
Be sure to filter this $postVar.
Keeping it as is, very bad idea.
Never trust user input,
QUOTE(Zytran @ Oct 22 2007, 07:07 PM)
Are you telling me that sending XSS threw request headers is safe?
Who said anything about sending 'java script:dosomethingwithacookie()' threw request headers?
Let me say this again...
Be sure to filter this $postVar.
Keeping it as is, very bad idea.
Never trust user input,
Who said anything about sending 'java script:dosomethingwithacookie()' threw request headers?
Let me say this again...
Be sure to filter this $postVar.
Keeping it as is, very bad idea.
Never trust user input,
You make a weak argument, provide a proof of concept.
Yes, I agree not to trust user input, but in this scenario very little is to be achieved by additional filtering, the best that can be done is someone is given a link where the page value is equal to the value supplied which in essense is a link.
For the creation of the file filtering is definitely required.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.