Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Banned
    Join Date
    Oct 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts

    PHP script for text inserted generating a new page.

    First and foremost I am a complete novice to php but I try.
    Second thank you in advance to all that try to help.

    I will try my hardest to explain what I am looking for.

    Is there a script available that one can use to accept text in a text area or box for instance and then whatever text is inserted will be added to a newly generated page and saved to a SQL database upon submission?

    I am looking to create a page that will allow people to insert as much text as they wish and then submit it to create a new page that will exist on my site with the information they have submitted redirected to the newly generated page which gives the link for this page in short form with my dot com name attached.

    Kind of like the tinyurl site where a user can submit a long link and then another page is generated with a smaller link for convenience purposes instead the page will not consist of the tinyurl but the user inputted text at a newly generated page on my server with the data stored in mySQL database.

    I hope I have been clear and if not I apologize.

    Thank you.

  • #2
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    Hello dominickm,

    I'm more than willing to help you. However l got lost in the description of what you're looking to do.

    So the user has a form..

    the put in some text; and submits.

    The script creates a new file on your server, and places the text into it; and also inserts the text into a database as well?

  • #3
    Banned
    Join Date
    Oct 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yes exactly. The new page is generated with the the text inserted and submitted by the user and is stored in the database. The new page created would have a short name. If my server is www.johndoe.com the new page created would be at www.johndoe.com/23efg.php.

    I hope I haven't been confusing again and thank you greatly.

  • #4
    Regular Coder Coastal Web's Avatar
    Join Date
    Oct 2004
    Posts
    225
    Thanks
    12
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by dominickm View Post
    I hope I haven't been confusing again and thank you greatly.
    No not at all....
    here's something.. (see comments to understand what's going on..)

    Few notes...
    1.) let's assume that you already have the database, and table set up that you'll be dropping this info into..
    And let's assume that the table only has 2 columns in it.
    >"id", and "content"

    2.) This script *DOES NOT* sanitize the user input at all. First you need to decide what you want to allow users to post to your files, and database. Just plain old text, just html, php??? and then you need to build a *strong* filtering function to run the value of $content through before it gets written to the *.php file, or placed into the database....

    PHP Code:
    <?php
    /*connect to database*/ 
    $Host "localhost"
    $dbname "DB_NAME"
    $User "DB_USER"
    $Password "DB_USER_PASS"
    $table_name "TABLE_NAME"// name of the table were data is stored...


    $link mysql_connect($Host$User$Password); 
    mysql_db_query($dbname$sql$link); 

    //////////////////////
    //
    // here is a little function that will randomly create file names 6 digits in length
    function createSalt() {
        
    $chars "abcdefghijkmnopqrstuvwxyz023456789";
        
    srand((double)microtime()*1000000);
        
    $i 0;
        
    $pass '' ;

        while (
    $i <= 5) {
            
    $num rand() % 33;
            
    $tmp substr($chars$num1);
            
    $salt $salt $tmp;
            
    $i++;
        }
        return 
    $salt;
    }
    //done with createSalt() function...
    /////////////////////

    $content $_POST[content];
    $submit $_POST[submit];

    if(isSet(
    $submit) && !empty($content)){

    //first we'll use the createSalt() function to randomly create a file name...
    $newFile createSalt() . '.php';


    //////////////////////
    // THIS SCRIPT DOES NOT SANTIZE THE USER INPUT IT IS VERY IMPORTANT THAT YOU DO SO!!!!
    //////////////////////


    //create a new file 
    $fh fopen($newFile'w') or die("Could not create file for writing.");
    fwrite($fh$content);
    fclose($fh);


    // here we change ' to '' to prevent sql injections and/or sql error messages
    $content str_replace("'""''"$content);

    //next inject the information into the database...
    $sql = <<<end
    INSERT INTO `". $table_name ."` ( `id` , `content` ) 
    VALUES (
    NULL , '". $content . "'
    );
    end;
    $result mysql_query($sql) or die('SQL Problem: '.mysql_error ());


    //output success...
    echo <<<EoC

    Congratulations  your file has been created.
    <br />
    <a herf="$newFile">$newFile</a>

    EoC;

    //close sql connection
    @mysql_close();
    }else{
    //user has not submitted the form yet...
    //show them the form...

    echo <<<EoC

    <form method="post" aciton="$PHP_SELF">
    Content:
    <br />
    <textarea rows="20" cols="90"></textarea>
    <br />
    <input type="submit" name="submit" value="Save Page" />
    </form>

    EoC;

    }

    ?>

  • #5
    Banned
    Join Date
    Oct 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I sent you a PM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •