homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

form info to text file

 1:04 am on Mar 20, 2003 (gmt 0)

Thanks jatar for the excellent help a few months ago. I have been using Jack's formmail with a bit of php script you suggested to both send the form info by email, and also to insert it into a .txt file on the server. The code I put in was:

$writestring = "\"" . $name . "\",\"" . $phone . "\",\"" . $email . "\",\"" . $date . "\",\"" . $comments . "\"\r\n";

$filepointer = fopen("file-home.csv","a");

Now I have two questions:

1. Is this safe if hackers try to attack?

2. I need to know where the form originated. I have five businesses using five forms on five html pages. Each busienss has it's own server directory, and each directory has a form and index.html page set up just for that business. But, all the info from all the forms must go into the ONE .txt file. Is there an easy bit of code I could put in the form so it would automatically send a new field (business#1 for instance) so I would know where it was coming from. Ideally it would only go to the .txt file, and not in the email message. But I would live with it if "business#1" went to both email and .txt.

What I'm trying to end up with is a text file with:
name, phone, email, date, comments - all entered by the user
business#1 - last entry in the .txt file would be automatically entered and would show me from which web page or business the info orginated.

Thanks a bunch. I wouldn't have gotten this far without your help.



 1:23 am on Mar 20, 2003 (gmt 0)

1) Are you filtering out bad chars? Like if someone put in
aaron,"\r\n for the name value, what would happen to the script? It would screw up the formatting of your text file.

2) You could put a hidden field in your form to specify the business it's coming from.
<input type=hidden name=business value=business1>


 1:28 am on Mar 20, 2003 (gmt 0)

No, I haven't done any filtering, and that's the kind of info I needed. What do you suggest on it? I'm a real neophyte at php.


 1:47 am on Mar 20, 2003 (gmt 0)

<input type="hidden" name="refer" value="<?=$_SERVER['HTTP_REFERER']?>" />


 3:52 am on Mar 20, 2003 (gmt 0)

Since I stuck this piece of script into Jack's formmail, wouldn't all the security measure in Jack's also apply to the bit of script I have that sends form data to a .txt file?


 4:25 pm on Mar 21, 2003 (gmt 0)


I've looked all over searching on the php sites for:

<input type="hidden" name="refer" value="<?=$_SERVER['HTTP_REFERER']?>" />

But I can't find it. What does it do? Do I have to change any variable in it, or just put it in the form as is?


 4:49 pm on Mar 21, 2003 (gmt 0)


The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.

The from element, obviously, grabs it on load (if available) and writes it into the hidden value and sends it off to the processor.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved