1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need some PHP help for a tool.

Discussion in 'Making Money' started by ThePayRoll, Mar 2, 2011.

  1. ThePayRoll

    ThePayRoll BANNED BANNED

    Joined:
    Dec 1, 2010
    Messages:
    230
    Likes Received:
    86
    The problem is, I found this code on my machine from awhile ago, I don't know jack-shit worth of PHP, the problem is, when I post anything into the textbox ex:
    Code:
     <iframe src="http://google.com"></iframe> 
    this is what shows up in the file I create:
    Code:
    <iframe src=\"http://google.com\"></iframe>
    Does anyone know how to fix this? Basically just to remove the backslashes \

    Here's the PHP code:
    Code:
    <?PHP
     
    if(isset($_POST['filename']))
    {
    	$filename = $_POST['filename'];
    	$text = $_POST['text'];
    
    	$filename = "files/$filename"; #Must CHMOD to 666
    }
    ?>
    <html>
    <head>
    <title></title>
    </head>
    <body>
    <?php
    if(isset($_POST['filename']))
    {
    	$fp = fopen ($filename, "w"); # w = write to the file only, create file if it does not exist, discard existing contents
    	if ($fp) {
    		fwrite ($fp, $text);
    		fclose ($fp);
    		echo ("File written");
    	}
    	else {
    		echo ("File was not written");
    	}
    }else{
    ?>
    <form name="form1" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
    filename: <input name="filename" type="text" size="20">
    <BR>
    content:
    <BR>
    <TEXTAREA NAME="text" COLS=40 ROWS=6></TEXTAREA>
    <BR>
    <input type="submit" name="submit" value="save file">
    </form>
    <?php } ?>
    </body>
    </html>
    
    I know I can download the file I create and just remove the \ but that totally defeat's the purpose.

    Anyone experienced in PHP know or have any idea on how to fix this?
     
  2. arasferra

    arasferra Registered Member

    Joined:
    Nov 5, 2009
    Messages:
    99
    Likes Received:
    13
    fwrite ($fp, stripslashes($text));
     
    • Thanks Thanks x 1
  3. Autumn

    Autumn Elite Member

    Joined:
    Nov 18, 2010
    Messages:
    2,197
    Likes Received:
    3,041
    Occupation:
    I figure out ways to make money online and then au
    Location:
    Spamville
    • Thanks Thanks x 1
  4. ThePayRoll

    ThePayRoll BANNED BANNED

    Joined:
    Dec 1, 2010
    Messages:
    230
    Likes Received:
    86
    Thank you both sooooooo much!
    I appreciate it so very much!
     
  5. johnniew

    johnniew Jr. VIP Jr. VIP Premium Member

    Joined:
    Jun 12, 2009
    Messages:
    182
    Likes Received:
    165
    You can also just use preg_replace;

    See my good below, its should work.. test it & Enjoy (don't write Thank you.. Click on Thanks :) )
    PHP:
    <?PHP
     
    if(isset($_POST['filename']))
    {
        
    $filename $_POST['filename'];
        
    $text $_POST['text'];

        
    $filename "files/$filename"#Must CHMOD to 666
    }
    ?>
    <html>
    <head>
    <title></title>
    </head>
    <body>
    <?php
    if(isset($_POST['filename']))
    {
        
    $fp fopen ($filename"w"); # w = write to the file only, create file if it does not exist, discard existing contents
        
    if ($fp) {
            
    fwrite ($fp$text);
            
    fclose ($fp);
            echo (
    "File written");
        
    $file $filename;
        
    $fh fopen($file'r+');
        
    $contents fread($fhfilesize($file));
        
    $new_contents preg_replace('/\\\\/','',$contents);
        
    $fh fopen($file'r+');
        
    fwrite($fh$new_contents);
        
    fclose($fh);
        }
        else {
            echo (
    "File was not written");
        }
    }else{
    ?>
    <form name="form1" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
    filename: <input name="filename" type="text" size="20">
    <BR>
    content:
    <BR>
    <TEXTAREA NAME="text" COLS=40 ROWS=6></TEXTAREA>
    <BR>
    <input type="submit" name="submit" value="save file">
    </form>
    <?php ?>
    </body>
    </html>
     
    • Thanks Thanks x 1
  6. ThePayRoll

    ThePayRoll BANNED BANNED

    Joined:
    Dec 1, 2010
    Messages:
    230
    Likes Received:
    86
    But the thing is, I would need it to allow "/" but not have "\" and whenever I would put
    Code:
    <iframe src="http://google.com"></iframe>
    wouldn't it replace the "/' ?
     
  7. altschule

    altschule Regular Member

    Joined:
    Sep 1, 2010
    Messages:
    282
    Likes Received:
    185
    Location:
    Sector 9
    No. In PHP the back slash (\) is a way of escaping something, say you have a variable

    Code:
    $string = "This is a \"quote\" from my favorite book.";
    It will still allow the "QUOTE" but wont actually show the slashes.

    In your case the slashes are added so it wont think it's the end of your variable and shoot an error. check out http://php.net/stripslashes
     
  8. coderjeff

    coderjeff Junior Member

    Joined:
    Nov 20, 2007
    Messages:
    130
    Likes Received:
    26
    Location:
    USA
    Your version of php is apparently configured to use magic_quotes_gpc, which escapes all single-quote, double-quote, backslash, and NULL characters that appear in any HTTP request (GET, POST, or COOKIE.)

    The preferred solution is to call stripslashes() only if slashes might have been added because of magic_quotes. This can be done by checking if magic_quotes is on.

    Code:
    <?php
    
    if (get_magic_quotes_gpc())
      $text = stripslashes($_POST['text']);
    else
      $text = $_POST['text'];
    
    
    if(isset($_POST['filename']))
    {
    	$filename = $_POST['filename'];
    	$filename = "files/$filename"; #Must CHMOD to 666
    }
    
    ...