1 reply to this topic

[Matt L]

Right, I've tried to make a PHP file editor for my site. There's only one problem - it doesn't work.

<?php

$disp = $_GET['display'];

if (isset($_POST['submit'] ) ) {
   if (is_writable($_GET['display'] ) ) {
       
       if (!$handle = fopen($disp, 'w' ) ) {
           echo "Cannot open file ($disp)";
           exit;
       } else (fwrite($handle, $_POST['fileedit'] ) === FALSE ); {
           echo "Cannot write to file ($disp)";
           exit;
       }
       fclose($handle);
       
       
   }
   header("Location: index.php");
   exit;
   
}

echo "<div style='float: left;'><b>Pick a file to edit:</b><br />";
$dir = "../file_editor";

if ($dh = opendir($dir) ) {
   while (( $file = readdir($dh ) ) !== false ) {
       if ($file != '.' && $file != '..' && is_file($file ) ) {
           echo "<a href='index.php?display=$file'>$file</a><br />";
       }
   }
   closedir($dh);
}

if (preg_match("/.+?\.\.\//", $disp ) ) {
   die('Cant do that.');
} else if (preg_match("/.+?\.\//", $disp ) ) {
   die('Cant do that.');
} else if (preg_match("/^index/", $disp ) ) {
   die('Cant do that.');
} else if (preg_match("/^\//", $disp ) ) {
   die('Cant do that.');
}
echo "</div>";
?>

<html>
<head>
<title>File Editor</title>
</head>
<body>
 <div style='float: top'>
 <form action='<?php echo $_SERVER["PHP_SELF"]; ?>' method='post'>
 <center>
 <textarea cols=80 rows=40 name=fileedit>
<?PHP

 $text = file_get_contents($disp);

 echo stripslashes($text);

?></textarea><BR />
 <input type='submit' name='submit' value='Edit!'>
 </center>
 </form>
 </div>
<?php
$load = microtime();
print (number_format($load,2));
?> 
</body>
</html>

It doesn't say that there's an error and I have folder and file settings CHMOD'd to 777.

Here's the page

[Squid]

Hmm I can't see so fast what's wrong with it. The thing I always do when I'm stuck is trying out different things, and just hope it works