Jump to content
LucaCrippa

edit and erase blog post php

Recommended Posts

Hi there,

I have two problems with php, in particular about variable passing.

 

In the admin page of a website I created a form to public "news entries". The event is saved in a txt file:

 

filename.txt contains:

 

$title | $date | $text | $location | $time

$path = '../public/events';	$file = fopen("../public/events/$filename","w");		echo fwrite ($file, " $title | $date | $text | $location | $time ");

Ok, this is working. But now I would like to delete and edit text files!

 

I tried such a thing:

 

1) press it to delete event:

<a href=delconfirm.php?del=$valori>Delete event</A>

2) delconfirm.php

<?php $path = '../public/events';$d = $_GET['del'];  echo "    <center></br></br></br></br></br></br>	Confirm? <p>    <p>	<h5><a href=delete.php?delete=$d> Yes </a><br></h5>	<p>	<p>	<h5><a href=Index.php> No </a><br></h5>	</center>	"; ?>

3) delete.php

<?php$path = '../public/events';$deleted = $_GET['delete'];if (!unlink($deleted)){ 	echo ("Erasing of $deleted failed<br>");     } else {     echo ("      	<CENTER></br></br></br></br></br></br>		Event $deleted succesfully erased! <p>    	<p>		<h5><a href="Index.php">Home Page</a></h5>		</CENTER>			");      }    ?>

But I have this error:

 

Warning: unlink(2.txt) [function.unlink]: No such file or directory in D:Inetpubwebscoroconcorezzoitcircolinodelete.php on line 19Impossibile eliminare 2.txt

 

 

Second, the editing of a text file:

<a href=editevent.php?edi=$valori>Edit event</A>

1) editevent.php

<?php$path = '../public/events';$edit = $_GET['edi'];$loadcontent = "$path/$edit";    if($save_file) {        $savecontent = stripslashes($savecontent);        $fp = @fopen($loadcontent, "w");        if ($fp) {            fwrite($fp, $savecontent);            fclose($fp);        }    }    $fp = @fopen($loadcontent, "r");        $loadcontent = fread($fp, filesize($loadcontent));        $loadcontent = htmlspecialchars($loadcontent);        	fclose($fp);?><table width="100%" border="0" vertical-align="text-top">  <tr>  <td><h7>Edit</h7><p><form method=post action="<?=$_SERVER['PHP_SELF']?>"><textarea name="savecontent" cols="55" rows="18"><?=$loadcontent?></textarea><br><input type="submit" name="save_file" value="Save!"> </form></td>

Actually it allows me to have the txt file content in the textarea, but there are these errors:

 

Warning: fread(): supplied argument is not a valid stream resource in D:Inetpubwebscoroconcorezzoitcircolinoeditevent.php on line 51Warning: fclose(): supplied argument is not a valid stream resource in D:Inetpubwebscoroconcorezzoitcircolinoeditevent.php on line53

 

 

 

 

 

How can I manage it?? Thank you!!

Share this post


Link to post
Share on other sites

In your edit page, the reason the error is showing up is that fopen() failed. Check that $loadcontent has the value you expected.

You can use PHP's file_exists() function to check if the file is there before operating with it.

 

The following code is probably failing because you did not actually use the $path value

$path = '../public/events';$deleted = $_GET['delete'];if (!unlink($deleted)){ 

Share this post


Link to post
Share on other sites

 

In your edit page, the reason the error is showing up is that fopen() failed. Check that $loadcontent has the value you expected.

You can use PHP's file_exists() function to check if the file is there before operating with it.

 

The following code is probably failing because you did not actually use the $path value

$path = '../public/events';$deleted = $_GET['delete'];if (!unlink($deleted)){ 

 

$loadcontent has actually the right value, in fact when I press the edit button the content of my txt file appears! When I click on Save on the form I have that error.

 

About the deleting code, I tried to comment the $path variable but I got the same result. It's a mess!! :D

Share this post


Link to post
Share on other sites

 

$loadcontent has actually the right value, in fact when I press the edit button the content of my txt file appears! When I click on Save on the form I have that error.

 

About the deleting code, I tried to comment the $path variable but I got the same result. It's a mess!! :D

for the delete, you have this page "$path = '../public/events';" but the script can ot find it since 2.txt isnt located properly so you might want your path to be $path = '../public/events/';

Edited by DDs1

Share this post


Link to post
Share on other sites

for the delete, you have this page "$path = '../public/events';" but the script can ot find it since 2.txt isnt located properly so you might want your path to be $path = '../public/events/';

2.txt in this case is really located in ../public/events

so how can I modify my code to make it working?

 

 

edit: aaahhhh I missed a /

I'm trying ;)

 

 

edit2: no, it's not working at all.. :P

Edited by LucaCrippa

Share this post


Link to post
Share on other sites

2.txt in this case is really located in ../public/events

so how can I modify my code to make it working?

 

 

edit: aaahhhh I missed a /

I'm trying ;)

 

 

edit2: no, it's not working at all.. :P

Ok, the error for the delete was:

 

$deleted = $path .'/'. $_GET['delete'];

 

I'm stupid.

 

I tried to fix the other problem (the edit) with the same code but I failed!

Share this post


Link to post
Share on other sites

If you really want to know why it's not working, remove the @ (error suppressing) operator from @fopen();

 

That will show you why the program isn't working.

 

I just should warn you that if this is your page, it's really insecure. Anybody who opens the page in your browser can edit and delete any file on your server.

Share this post


Link to post
Share on other sites

If you really want to know why it's not working, remove the @ (error suppressing) operator from @fopen();

 

That will show you why the program isn't working.

 

I just should warn you that if this is your page, it's really insecure. Anybody who opens the page in your browser can edit and delete any file on your server.

Ok, I'm trying.

No, the editing page is protected by a login page!

Share this post


Link to post
Share on other sites

Then why isn't the edit page checking the session to make sure the user is logged in? Why not just go directly to that URL without going through the login page?

Share this post


Link to post
Share on other sites

Like Ingolme said, the first step is to get the error message. So stop suppressing error messages. You also might want to use an absolute path to the file you're trying to open.

Share this post


Link to post
Share on other sites

Like Ingolme said, the first step is to get the error message. So stop suppressing error messages. You also might want to use an absolute path to the file you're trying to open.

First, I succeeded to make secure session to protect my pages.

Secondly, removing the @ in the editevent page brings me these errors:

 

Warning: fopen(../public/events//) [function.fopen]: failed to open stream: No such file or directory inD:Inetpubwebscoroconcorezzoitcircolinoeditevent.php on line 42Warning: fopen(../public/events//) [function.fopen]: failed to open stream: No such file or directory inD:Inetpubwebscoroconcorezzoitcircolinoeditevent.php on line 49Warning: fread(): supplied argument is not a valid stream resource in D:Inetpubwebscoroconcorezzoitcircolinoeditevent.php on line 50Warning: fclose(): supplied argument is not a valid stream resource in D:Inetpubwebscoroconcorezzoitcircolinoeditevent.php on line52

Share this post


Link to post
Share on other sites

The errors told you exactly what the problem is. Read them.

Share this post


Link to post
Share on other sites

The errors told you exactly what the problem is. Read them.

Pheraps I fail to open stream, or I have no file or directory.. Or the supplied argument is not a valid stream resource, I don't know.. Or there are two /?

Share this post


Link to post
Share on other sites

"No such file or directory" means that the file doesn't exist. The error message even told you what file you told it to open: ../public/events//

 

That means that "$path/$edit" evaluates to "../public/events//"

It's up to you to make sure that the path and filename are correct.

Share this post


Link to post
Share on other sites

"No such file or directory" means that the file doesn't exist. The error message even told you what file you told it to open: ../public/events//

 

That means that "$path/$edit" evaluates to "../public/events//"

It's up to you to make sure that the path and filename are correct.

$path = '../public/events';$edit = $path .'/'. $_GET['edi'];  $newdata = $_POST['newd'];if ($newdata != '') {	$fw = fopen($edit, 'w') or die('Could not open file!');	$fb = fwrite($fw,stripslashes($newdata)) or die('Could not write to file');	fclose($fw);}  	$fh = fopen($edit, "r") or die("Could not open file!");  	$data = fread($fh, filesize($edit)) or die("Could not read file!");  	fclose($fh);echo "<h7>Modifica l'evento</h7><p><form action="$_SERVER[php_self]" method= "post" ><textarea name="newd" cols="100%" rows="18"> $data </textarea><input type="submit" value="Salva modifiche" ></form>";

Yeah, I managed to solve it. With this code is working, but now the problem is that when I click on button txt file is saved, but the textarea remains freezed. How can I redirect on another page, such as a edit-confirmed page?

Thank you!

Share this post


Link to post
Share on other sites

In PHP the way to redirect is using a location header:

 

header('Location: http://website.com/page.html');

 

 

The header() function must be called before any HTML, text or echo statements. Despite this warning, if you do happen to come across an error that says "Headers already sent" see how to solve it here: http://w3schools.invisionzone.com/index.php?showtopic=44106

Share this post


Link to post
Share on other sites

In PHP the way to redirect is using a location header:

header('Location: http://website.com/page.html');

The header() function must be called before any HTML, text or echo statements. Despite this warning, if you do happen to come across an error that says "Headers already sent" see how to solve it here: http://w3schools.invisionzone.com/index.php?showtopic=44106

Not working. This is redirecting to my new page as entering my php page, but I would like to redirect after clicking the button of the form.

Share this post


Link to post
Share on other sites

Well, that depends on where you call the header() function from. You should tell PHP to only call the header() function after the form is submitted.

Share this post


Link to post
Share on other sites

Well, that depends on where you call the header() function from. You should tell PHP to only call the header() function after the form is submitted.

<?php			// set file to read$path = '../public/events';$edit = $path .'/'. $_GET['edi'];  $newdata = $_POST['newd'];if ($newdata != '') {	$fw = fopen($edit, 'w') or die('Could not open file!');	$fb = fwrite($fw,stripslashes($newdata)) or die('Could not write to file');	fclose($fw);}  	$fh = fopen($edit, "r") or die("Could not open file!");  	$data = fread($fh, filesize($edit)) or die("Could not read file!");  	fclose($fh);echo "<h7>Modifica l'evento</h7><p><form action="$_SERVER[php_self]" method= "post" ><textarea name="newd" cols="100%" rows="18"> $data </textarea><input type="submit" value="Salva modifiche" ></form>";header('Location: ./Index.php');exit;?>

Not working.

Share this post


Link to post
Share on other sites

You haven't checked that the form was submitted. You're telling it to redirect every time. Aside from that, you're sending the header after having used an echo statement.

Share this post


Link to post
Share on other sites

You haven't checked that the form was submitted. You're telling it to redirect every time. Aside from that, you're sending the header after having used an echo statement.

You are not telling me the solution. I know that I need to redirect only if the submit button is pressed, but I don't know how to do it.

header('Location: ./Index.php');bla bla blaecho "<h7>Modifica l'evento</h7><p><form action="$_SERVER[php_self]" method= "post" ><textarea name="newd" cols="100%" rows="18"> $data </textarea><input type="submit" value="Salva modifiche" name="submitted"></form>";if($_SERVER['REQUEST_METHOD'] == "POST") {	exit;}

Not working. Found here: http://electrokami.com/coding/the-correct-way-to-check-php-form-submission/ last paragraph.

Share this post


Link to post
Share on other sites

You can know if the form was sent by checking if any of the form elements were set. Most often the submit button is used.

 

if(isset($_POST['submit'])) {    header('Location: http://website.com/file.php');}

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...