Saving Input to a file using PHP or Java

**kevinr543** · 05-22-2012 01:38 PM

Hello Everyone,
I'm having a bit of trouble writing a small web page. My goal is to have a very basic page that will allow users to input their email address and store it on a server side file such as .txt (or anything really) that way I can go in later and ensure they're all registered correctly.

I'm using the code below to setup the email field however I'm unable to figure out how to store these once the submit button is pressed. I'd prefer this not use ActiveX or anything like that to run. I'd like this to just be a simple web page with no pop ups or permissions required. If anyone can give me any assistance I'd greatly appreciate it.

Code:

<html>
<body>

Email Address:<input type="text" name="email1">
<BR>
<input type="submit" value="Submit">


<?PHP
$email = $_POST['email1'];


?>

</body>
</html>

Thanks,
Kevin

**dukesdemise** · 05-22-2012 02:05 PM

PHP Code:


$email = $_POST['email1'];

Well for starters, this is an obvious security problem. You need to filter all user input. The above code could make your application vulnerable to a command injection attack.

To answer your question, you could store any needed information into the $_SESSION superglobal. For example...

PHP Code:


<?php

session_start();

$_SESSION['email_addr'] = $email;

// ...more code here

?>

See the online manual for more information:

http://www.php.net/manual/en/reserve...es.session.php

**kevinr543** · 05-23-2012 09:40 AM

Originally Posted by dukesdemise

PHP Code:


$email = $_POST['email1'];

Well for starters, this is an obvious security problem. You need to filter all user input. The above code could make your application vulnerable to a command injection attack.

To answer your question, you could store any needed information into the $_SESSION superglobal. For example...

PHP Code:


<?php



session_start();



$_SESSION['email_addr'] = $email;



// ...more code here



?>

See the online manual for more information:

http://www.php.net/manual/en/reserve...es.session.php

Thanks for the assistance. Once something like this was put in how would I go about converting this to a file which would be easily accessible to myself or other staff?

Thanks

**kevinr543** · 05-25-2012 10:51 AM

Anyone?

**kbduvall** · 05-26-2012 08:34 PM

Of course, filter user input as always. A golden rule: never trust data from an outside source whether it's from a user, an RSS feed, or anyone else.

Once you've taken all security precautions, you could do something like this:

PHP Code:


if ($file = fopen('email_addresses.txt', 'a'))
{
    if (fwrite($file, $email) !== false)
    {
        echo "Added email";
    } else {
        echo "Couldn't write to the file."
    }
} else {
    echo "Couldn't open the file.";
}

Thread: Saving Input to a file using PHP or Java

Thread Tools

Display

Saving Input to a file using PHP or Java

Thread Information

Users Browsing this Thread

Bookmarks

Bookmarks

Posting Permissions