On Jul 26, 2011, at 2:17 PM, Eric Cope wrote: > Hey Joe, > That script has the basics to get it working, but there is a big caveat. You need to scrub the form input to prevent ALL malicious inputs from reaching the file. I'd hate to see someone put "rm -rf /" in the file and execute it. I don't see any code that's actually executing the user-submitted data. If someone submitted 'rm -rf /', that string would be saved to the txt file, but there's no inherent danger in that. Joe: Make sure that the file you're writing to is outside of the web server's document root. If you can browse to the txt file, then there is a security problem. Someone could submit malicious HTML/JavaScript/etc and then get others to view it. > On Tue, Jul 26, 2011 at 1:42 PM, wrote: > > > $name = $_POST['name']; > $email = $_POST['email']; > $fp = fopen("formdata.txt", "a"); > $savestring = $name . "," . $email . "n"; That "n" should be a "\n". > fwrite($fp, $savestring); > fclose($fp); > echo "Your data has been saved in a text file.>"; Remove the final ">" in that string. Or change it to '>' if you want to see a '>'. http://en.wikipedia.org/wiki/Character_encodings_in_HTML#HTML_character_references > ?> > > 3) "input-text.htm" containing this code: > >
> Name:
> Email:
>
> > When I try to run it, it just displays the php code > and I see these messages repeated several times: Sounds like your web server is not configured to execute PHP scripts. Make sure that PHP is installed, and that Apache (or other web server) is configured appropriately. http://www.php.net/install > > QPainter::begin: Widget painting can only begin as a result of a paintEvent > QPainter::translate: Painter not active > QPainter::setClipRect: Painter not active > QPainter::font: Painter not active > QPainter::setFont: Painter not active > QPainter::setPen: Painter not active > QPainter::worldTransform: Painter not active > QWidget::repaint: Recursive repaint detected > QWidget::repaint: Recursive repaint detected Those are QT errors. I have no idea why you're seeing them as the result of a web form submission. alex --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss