Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New Coder
    Join Date
    Dec 2010
    Posts
    61
    Thanks
    12
    Thanked 0 Times in 0 Posts

    Help with posting data to text file

    Is this considered a secure environment to prevent crossline attack, while posting programming code to a text file.
    This is a quick editor to manage form code using a text editor.


    Note:
    The code would be stored in the database with the ability to edit, and posted to (overwriting) text file on submit.
    In production the code would only be processed from the text file.

    Code:
    <?php
    // ******************** SECURE LOGIN TO ACCESS DATABASE FILE ******************
    session_start();
    ob_start();
    if($_SESSION[userdetails]->role != "Administrator") {
    	die("Access Denied! Please contact the administrator for permission");
    }
    require_once("plugins/connection.php");
    // Check if he has the right info.
          $sql = sprintf("SELECT * FROM users ORDER BY username ASC", $_SESSION[userdetails]->id);
          $query = mysql_query($sql);
    $username = $_SESSION[userdetails]->firstname ;
    // ******************** SECURE ACCESS GRANTED SESSION STARTED  ******************
    // ******************** YOU MAY NOW EDIT THE FILE
    
    $sql = "SELECT * FROM mycode WHERE file_id ='9901'";
       $result = mysql_query($sql);
          while($row = mysql_fetch_assoc($result)){
    // ******************** ADD OR EDIT TEXT IN DATABASE WITH TEXT EDITOR
            $your_data = $row[text_editor];
    }
    /// ******************* WRITE TEXT FROM DATABASE TO THE TEXT FILE
    $fp = fopen("post_mydata.txt", "w");
    fwrite($fp, $your_data);
    fclose($fp);
    // ******************** CLOSE THE CONNECTION AND REDIRECT YOU TO HOME PAGE 
    mysql_close($connection);
    header("Location: ./index.php");
    ?>
    Last edited by CloudWriter; 12-08-2010 at 04:09 PM.

  • #2
    New Coder
    Join Date
    Dec 2010
    Posts
    61
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Just curious if this is a safe way to write to a text file, or is my question unclear?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •