BetterPHP

Hey guys,
im working next to school on a little 'CMS' (just for fun). It's pretty simple, just a site-selection, the textarea to edit and a save button. It actually works fine, I can see all my content and also can edit it an save it, but when I hit the save-button (in german: speichern) it all get's save at the index.php.
For example: I'm at site 'geschichte.php' with the content 'abc' and I edit the content to 'abcdef' it's get saved in index.php.
(As always, I'm having a hard time to explain )

Here is my script:

[syntax=php]
<html>
<form method="post" action="">
<select name="seitenauswahl" size="1">
<option value="blabla/index.php">Index</option>
<option value="blabla/geschichte.php">Geschichte</option>
</select>&nbsp;

<input name="enter" type="submit" value="Auswählen"/>
</form>
<hr />

<!-- Quelltext-Editor (Script)-->
<?php
$Seite = $_POST["seitenauswahl"]; /* preeeeetty messy part :'D */
$edit = $Seite;
if (empty($edit)) {
$edit ="blabla/index.php";
$Seite = $edit; /* preeeeetty messy part :'D */
}

if(isset($_POST["dateiinhalt"]) && $dateiinhalt = $_POST["dateiinhalt"])
{

$handle = fopen($edit,"w");
fwrite($handle,$dateiinhalt);
fclose($handle);

echo '<p style="color:green;margin-bottom:20px;">'."\n";
echo 'Datei erfolgreich editiert!'."\n";
echo '</p>'."\n";
}
$fileinhalt = file_get_contents($edit);
?>


<!-- Quelltext-Editor (Eingabefeld)-->

<form action="" method="post">
Quelltext von der Datei im Pfad "<?php echo "$Seite"; ?>" bearbeiten:<br><br>

<!-- Currently editing file.... if you don't understand it :') -->

<textarea style="width:1500px;height:300px;" name="dateiinhalt">
<?php echo $fileinhalt; ?>
</textarea><br><br>

<input type="submit" name="submit" value="Speichern">
</form>
</html>
[/syntax]

I somehow need to write, when I hit save (=Speichern) that it should save the content on the current file (which I'm editing) and not at index.php.

Aww man it's soo easy and I don't get it :@
Anyways, I hope someone can help me!

I'm not too sure I understand you. fwrite() will remove all data on the file you want to edit, then add. Also, remove the variables calling on variables. $Seite is pointless. You can call everything you need by $edit. If you need to edit other files, you need to add more options to your dropdown.

Yea, I've commented it, that the part with $Seite is pretty messy Don't know what i've thought while writing this
Well my problem is not, that i can only edit 2 sites. My problem is:

If I go at the selection to site2 and type "Hello World" and hit save, the content (-> "Hello World") gets save in site1 and not, as thought, in site2. Also, if i edit site3 and hit save, it'll get saved in site1! :/

I somehow need to write, that when I hit save, the content will get saved in the current file (like in example site2) and not in the first file (site1)

Remove $edit = $Seite; I'm not sure why that's your problem but it seems it is. Change all $Seite to $edit or vice versa.

Well if I'm doing it like that:

[syntax=php]<?php
$edit = $_POST["seitenauswahl"];

if(isset($_POST["dateiinhalt"]) && $dateiinhalt = $_POST["dateiinhalt"])
{

$handle = fopen($edit,"w");
fwrite($handle,$dateiinhalt);
fclose($handle);

echo '<p style="color:green;margin-bottom:20px;">'."\n";
echo 'Datei erfolgreich editiert!'."\n";
echo '</p>'."\n";
}
$fileinhalt = file_get_contents($edit);
?>[/syntax]

It'll say: Warning: fopen(): Filename cannot be empty
But I've set what file I want to edit :/

That means, for whatever reason, the $_POST["seitenauswahl"] is not in the post array and your earlier if(empty($edit)) { was taking over. Add print_r($_POST); before the fopen and post whatever is shown

Well, if I enter the site it says:

Warning: file_get_contents(): Filename cannot be empty [...]

If I choose a site, it seems all good

and when I hit save:

Array ( [dateiinhalt] => My Content [submit] => Speichern ) Warning: fopen(): Filename cannot be empty [...]

If I understood you right I should do it like that:
[syntax=php]<?php

$edit = $_POST["seitenauswahl"];

if(isset($_POST["dateiinhalt"]) && $dateiinhalt = $_POST["dateiinhalt"])
{

print_r($_POST);

$handle = fopen($edit,"w");
fwrite($handle,$dateiinhalt);
fclose($handle);

echo '<p style="color:green;margin-bottom:20px;">'."\n";
echo 'Datei erfolgreich editiert!'."\n";
echo '</p>'."\n";
}
$fileinhalt = file_get_contents($edit);
?>[/syntax]

It means your drop down is not submitting properly. Post the exact code you have for your html form

[syntax=xhtml]<html>
<head>
<title>CMS</title>
</head>

<body>
<form action="" method="POST">
<select name="seitenauswahl" size="1">
<option value="CT/index.php">Index</option>
<option value="CT/geschichte.php">Geschichte</option>
<option value="CT/blog.php">Blog</option>
<option value="CT/server.php">Server</option>
</select>&nbsp;
<input type="submit" name="enter" value="Auswählen"/>
</form>
<hr />

<!-- Quelltext-Editor (Script)-->
<?php

$edit = $_POST["seitenauswahl"];

if(isset($_POST["dateiinhalt"]) && $dateiinhalt = $_POST["dateiinhalt"])
{

$handle = fopen($edit,"w");
fwrite($handle,$dateiinhalt);
fclose($handle);

echo '<p style="color:green;margin-bottom:20px;">'."\n";
echo 'Datei erfolgreich editiert!'."\n";
echo '</p>'."\n";
}
$fileinhalt = file_get_contents($edit);
?>


<!-- Quelltext-Editor (Eingabefeld)-->
<form action="" method="post">
Quelltext von der Datei im Pfad "<?php echo $edit; ?>" bearbeiten:<br><br>
<textarea style="width:1500px;height:300px;" name="dateiinhalt">
<?php echo $fileinhalt; ?>
</textarea><br><br>
<input type="submit" name="submit" value="Speichern">
</form>
</body>
</html>[/syntax]

There were a few issues I found when running the code on my site. First, textareas take empty spaces very seriously. All that empty space you had between the opening <textarea> and closing </textarea> caused your fopen() issue. Second, you aren't checking if $_POST['seitenauswahl'] even exists. Third, you should move all php validation and such to the top of the page. Here is a working version of your file. I have no idea why your print_r() did not show the dropdown but mine did.
[syntax=php]<html>
<head>
<title>CMS</title>
</head>

<body>
<form action="" method="POST">
<select name="seitenauswahl" size="1">
<option value="CT/index.php">Index</option>
<option value="CT/geschichte.php">Geschichte</option>
<option value="CT/blog.php">Blog</option>
<option value="CT/server.php">Server</option>
</select>&nbsp;
<input type="submit" name="enter" value="Auswählen"/>
</form>
<hr />

<!-- Quelltext-Editor (Script)-->

<?php


if(empty($_POST["seitenauswahl"])) {

$edit = "CT/index.php";

} else {

$edit = $_POST["seitenauswahl"];

}

if(isset($_POST["dateiinhalt"]) && $dateiinhalt = $_POST["dateiinhalt"])
{

$handle = fopen($edit,"w");
fwrite($handle,$dateiinhalt);
fclose($handle);

echo '<p style="color:green;margin-bottom:20px;">'."\n";
echo 'Datei erfolgreich editiert!'."\n";
echo '</p>'."\n";
}

$fileinhalt = file_get_contents($edit);

?>

<!-- Quelltext-Editor (Eingabefeld)-->
<form action="" method="post">
Quelltext von der Datei im Pfad "<?php echo $edit; ?>" bearbeiten:<br><br>
<textarea style="width:1500px;height:300px;" name="dateiinhalt"><?php echo $fileinhalt; ?></textarea><br><br>
<input type="submit" name="submit" value="Speichern">
</form>
</body>
</html>[/syntax]

Aah I see Yeah it works fine, but i've got my old problem:

If i switch at the selection to site 2 and type "ABC" and hit save, "ABC" will get saved in site 1 and not in site 2! :/

Ah yes...silly me. You have two forms. So your dropdown will only work if you submit at the top of the page, which will also not allow for editing of the file. Combine the form into one and it will work. Something like this:
[syntax=php]<?php

if(empty($_POST['seitenauswahl'])) {

$edit = "CT/index.php";

} else {

$edit = $_POST["seitenauswahl"];

}

if(isset($_POST["dateiinhalt"]) && $dateiinhalt = $_POST["dateiinhalt"]) {

$handle = fopen($edit,"w");
fwrite($handle,$dateiinhalt);
fclose($handle);

$success = '<p style="color:green;margin-bottom:20px;">'."\n";
$success .= 'Datei erfolgreich editiert!'."\n";
$success .= '</p>'."\n";

}

$fileinhalt = file_get_contents($edit);

?>

<html>
<head>
<title>CMS</title>
</head>

<body>
<form action="" method="POST">
<select name="seitenauswahl" size="1">
<option value="CT/index.php">Index</option>
<option value="CT/geschichte.php">Geschichte</option>
<option value="CT/blog.php">Blog</option>
<option value="CT/server.php">Server</option>
</select>&nbsp;
<input type="submit" name="enter"  value="Auswählen"/>
<hr />

<?php

if(isset($success)) {

echo $success;

}

?>

Quelltext von der Datei im Pfad "<?php echo $edit; ?>" bearbeiten:<br><br>
<textarea style="width:1500px;height:300px;" name="dateiinhalt"><?php echo $fileinhalt; ?></textarea><br><br>
<input type="submit" name="submit" value="Speichern">
</form>
</body>
</html>[/syntax]

All right!
Works men, thanks! I wish you a happy new year

One littel question: htaccess is save and can't be cracked (expect you're using a simpel password -> brut force attack), am I right? So I could possibly use this little CMS on a homepage, in a folder which is locked by htaccess and htpasswd (best would be using it with SSL)?

SicX wrote:So I could possibly use this little CMS on a homepage, in a folder which is locked by htaccess and htpasswd (best would be using it with SSL)?

Use htaccess to block everyone but your own IP.
If your IP changes, just update the file.

[syntax=text]order deny,allow
deny from all
allow from 127.0.0.1[/syntax]

Ok, best would be using dyndns I think! Because changing everyday the htaccess would...
Does htaccess work with IPv6?

SicX wrote:Ok, best would be using dyndns I think! Because changing everyday the htaccess would...
Does htaccess work with IPv6?

Should do, never tested it though. I don't think any routers use IPv6 yet though do they ?

Hmm yeah, I was just asking
Back to the htaccess code, I've heard of tools which changes your IP! Wouldn't it be pretty simple to crack? And, does this IP thingy works together with htpasswd?

@jacek As you might have seen, I'm learning myself into fopen, fwrite and fclose. Could you please do a tutorial about it, and show how to edit a file (e.g. cfg) on another server (e.g. a gaming-server like Minecraft, Call of Duty etc. (You can also post a link, where you have used it))! It would help me so much!

I'm not sure how to set the server adress - just like that (?):
[syntax=php]<php
$filename = 'myserver:25565/test.txt';
?>[/syntax]

I don't see the need of editing a file on another server. In fact, I think it's illegal (depending on their TOS). Yes, there are proxy servers out there to mask IP addresses, however an IP block affects the single IP throughout the whole site unless you use another htaccess.

ExtremeGaming wrote:I don't see the need of editing a file on another server.

Would be nice to have all functions of your servers on one page But I think if you want to realize this, you'll need an own root server where your gamingserver is, your webspace and so on!

Thanks for helping guys! (:

You digress.

Continue this conversation in a new thread - locking this one for now (so it doesn't have hundreds of pages )
If you want it unlocked again just PM me or any other forum Admin/Mod.