Jump to content
xisto Community
Sign in to follow this  
coolcat50

I Just Wrote A Script For A Php Text Editor!

Recommended Posts

Yes, I just wrote out a script for a PHP text editing program. It is very basic but I would like to be able to actually use this and update it. First, I need version 0.7 to be proofread. It will be upgraded to 0.8 after closed beta, 0.9 after open beta, 1.0 when ready.I would love to have some people help with this project. Right now it is a simple PHP script and HTML form. Here is the current script. I would like it to be proofread.

<?php$fileName = "$_REQUEST['name']";$fHandle = fopen($fileName , 'w') or die("Can't write file.");$fContent = "$_REQUEST['content']";fwrite($fHandle , &fContent);fclose($fHandle);?><form method="post"><input type="text" name="name" value="Filename" /><br /><textarea cols="30" rows="50" name="content">Text</textarea></form>

Suggestions for this will be great and I would like to make this be a pretty big project. I think it can be cool and very useful for the travelling programmer or webmaster. Thank you.P.S.: I would love to have assistants to help with updating it and testing and all of that. Thank you.

Share this post


Link to post
Share on other sites

Ouch, this will get you hacked easily. They create a file x.php and put this in it:

for example:

<?$fHandle = fopen($fileName , 'r+');while (!feof ($handle)) {	$buffer = fgets($handle, 4096);	echo $buffer;}?>

They just run their script after they created it and it gives them login info from your database and so on. It's very important to built in a safety check, so you can check their code first before they can run it. They could also create a injection bug on purpose in the script:

<? $page = $_GET['page']; include($page);?>

Makes them able to include every file on your server, even files that aren't in that specific map. So watch out with it :) Make sure only you can run the script, so for instance make a login for it.

Share this post


Link to post
Share on other sites

This is for the public. I guess i could install a member login system. Could you help me out?Wait, couldn't I just mod the script to only save as .txt filesSuch as

<?php$fileName="$_REQUEST['fname']" . ".txt";$fHandle=fopen($fileName , 'w') or die("Can't write file.");$fContent="$_REQUEST['content']";fwrite($fHandle,$fContent);fclose($fHandle);?>

Edited by coolcat50 (see edit history)

Share this post


Link to post
Share on other sites

Making it a .txt file only would make it a LOT safer. Other than that it seems fine to me.If you did add a member login then perhaps you could add the abilty to open and edit already existing files. That would be very useful for someone who needs the ability to store and edit files on the web. I'd recommend adding a maximum file length as well, you wouldn't want someone to make a ridiculously long file which uses up all your webhost space.

Share this post


Link to post
Share on other sites

many scripts like your is availiable for download, so developing this is point less. you need to learn php much more. i download this script and i have it already, why wait for you to develop your script, and that is also bad code if what stenno said is true. learn php first, and you have time to develop project later.

Share this post


Link to post
Share on other sites

I don't understand what the script is or what it does. Could someone expand on "text editor", please?

Notice from jlhaslip:
*deleted acronym*

text editor: noun

A program used to.. edit text

Synonym: Notepad

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.