0

I need to save a submitted form as a text file in a different folder than the submission form?

I have this form below i use at the moment which is working fine. But i want to save the form in a different folder like /submission/ for example.It should be the part $filename = but i got syntax error when i try to add a folder name there.

 if (!file_exists(date('Ymd'))) {
   mkdir(date('Ymd'), 0777, true);
 }
 if (!file_exists($username)) {
   mkdir($username, 0777, true);
 }
        $filename = date('Ymd')."/" . $product . "-" .$username . ".txt";
        $filename1 = $username."/" . date('YmdHis') . ".txt";
        if (!file_exists($filename)) {
            $fh = fopen($filename, 'w') or die("Can't create file");
        }
        $ret = file_put_contents($filename, $data, FILE_APPEND | LOCK_EX);
        if($ret === false) {
            die('There was an error writing this file');
        }
        else {
            echo "Your Keywords And Urls Submitted";
        }
         if (!file_exists($filename1)) {
            $fh = fopen($filename1, 'w') or die("Can't create file");
        }
        $ret = file_put_contents($filename1, $data, FILE_APPEND | LOCK_EX);
        if($ret === false) {
            die('There was an error writing this file');
        }
        else {

                       var_dump($producttmp['product_id']);


        }
    }
    else {
       die('no post data to process');
    }
BB1907
  • 59
  • 1
  • 2
  • 6
  • Might be a conflict between `fopen($filename1, 'w')` w instead of `'a'` where you have `FILE_APPEND` in your constant. Files are not closed, which also might cause problems. – Steve Feb 13 '16 at 02:29
  • Thanks mate i really have no php knowledge so i want to be sure if i asked the right question.What i want instead of this: $filename = date('Ymd')."/" . $product . "-" .$username . ".txt"; - $filename = ../myfoldername/ date('Ymd')."/" . $product . "-" .$username . ".txt"; – BB1907 Feb 13 '16 at 02:32
  • http://php.net/manual/en/function.fopen.php php.net is a good source of info for most things you might want to know. Hope that worked. – Steve Feb 13 '16 at 02:36
  • `'../myfoldername/' .` in single inverted commas or the `..` could be confused with concatenation. You might also need the full server path, not just the relative one for writing to files. – Steve Feb 13 '16 at 02:50
  • I guess i understand what you mean the problem starts from here: " if (!file_exists(date('Ymd'))) { mkdir(date('Ymd'), 0777, true); } if (!file_exists($username)) { mkdir($username, 0777, true); }" I guess i have to make dir /submit/$username but i don't know the syntax and how to add ".." because the folder i m trying to save is in under public_html/submit/ – BB1907 Feb 13 '16 at 03:05
  • 1
    Use the full path - Linux Apache path would be something like `'/var/www/mysite/public_html/submit/' . $username` – Steve Feb 13 '16 at 03:10
  • OK mate will i include the " ' " these too? i mean single inverted comas? – BB1907 Feb 13 '16 at 03:12
  • Yes - I find singles are usually safest as they mean 'absolutely what I have typed' where double ones can include variables - though some disapprove of code like `"mypath/$username"` If you don't know what the path is stick a single backslash in your page and look at the path which is displayed in the error message which will result if you have error reporting on - which you should have for development. – Steve Feb 13 '16 at 03:15
  • Any time about now I would expect a flurry of comments and even downvotes about the security of this code as it would be possible to inject all sorts of nasty malicious scripts via your form into `$data` which would jump up and bite anyone who opened the output file in a browser. At least change the `$data` into `htmlspecialchars($data)` which will break script tags. You may have done this in code unseen but if not...how to do it and undo it to get HTML back http://stackoverflow.com/questions/11257232/reverse-htmlspecialchars – Steve Feb 13 '16 at 03:43
  • @steve i did it mate thanks a miliion=))) – BB1907 Feb 13 '16 at 03:54
  • Post what you did and mark it as accepted in a while - though maybe wait for someone to post a better solution just in case. Well done! You could chmod the files back to 644 so they are no longer writable in between times and add code to prevent the file from being flushed to nothing if a user refreshes the browser using `ignore user abort(true)` and `ignore user abort(false)` after file is written to see post by simon dot riget on http://php.net/manual/en/function.fopen.php This might also be worth \ read http://php.net/manual/en/function.file-put-contents.php – Steve Feb 13 '16 at 04:09
  • I am not sure you need both file open `fopen(...` and `file_put_contents(...`statements as the `file_put_contents($filename...` call should deal with creating the file if it does not exist - though it will have problems if the directory does not exist. Using `fopen` seems to duplicate the effort. – Steve Feb 13 '16 at 04:14

0 Answers0