PHP blog using forms

DJMK4 · 30 Apr 2007 at 19:22

OK, i have a website made up of XHTML and CSS, what i want is to be able to post news and info on one of the pages using PHP, but i dont want to have to keep editing the html, i want to create a form on a seperate page when i can enter the news and info, when i push submit i want it to submit the form but post the main message field into one of the XHTML Pages (news) in a layed out fashion in the body div..Similar to below:

---------Todays Date, Current Time--------------------------
NEWS NEWSNEWSNEWSNEWSNEWSNEWSNEWSNEWSNEWSNEWS

------------------------------------------------------------

Can anybody shed any light on the best way to do this?

Any tutorials will be great!

Clarkey · 30 Apr 2007 at 19:37

database is going to be be far the easiest way of doing this. There are a million and one tutorials on the web regarding this topic.

DJMK4 · 30 Apr 2007 at 20:13

Could it not be done by using php and a txt file? i dont need it to be fancy, i just want a bog standard blog.

sirlemonhead · 30 Apr 2007 at 20:16

databases are still easier

marc2003 · 30 Apr 2007 at 20:56

definitely database. writing a textarea to a textfile from a form would have course only require a couple of lines of code, but managing your posts is where the database comes into play. things like auto-incrementing the page/article id and displaying the data is where it comes into it's own. using txt files you'd have to keep track of everything manually.

why not use a proper blog package such as wordpress. it seems every man and his dog has a site based on this nowadays.

meghatronic · 30 Apr 2007 at 21:01

sirlemonhead said:
databases are still easier

Nahhhhh.....

Have this on an admin page*:

Code:

<form method="POST" action="form.php" name="news">
	<font face="Tahoma" size="2">new:</font>
	<br>
	<textarea name="c" style="width: 350px; height: 100px"></textarea>
	<br>
	<input type="submit" value="Add" name="submit">
</form>
<br>
<br>
<font face="Tahoma" size="2">news:</font><br>
<?php include("file.txt"); ?>

Create a file called form.php:

Code:

<?php
$datfile = "file.txt";
$max = 250;
$num = 1000;
$todayis = date("l, F j, Y, g:i a");
$comfile = file($datfile);
if ($c != "") {
if (strlen($c) < $max) {
$fd = fopen ($datfile, "w");
$c = stripslashes($c);

fwrite ($fd, "<p><table><tr><td>$todayis</td></tr><tr><td>$c</td></tr></table></p>\n");
for ($i = 0; $i < $num; $i++) {
fwrite ($fd, $comfile[$i]);
}
}
fclose($fd);
}
Header("Location: ADMIN PAGE URL");
?>

Create a file called file.txt, chmod it to give writing permissions and then just call the file with:

Code:

<?php include("file.txt"); ?>

...where you want the 'news' to go. The html in the text will be read and treated as such.

* SECURE it! You'll want to prevent using most symbols I imagine using str replace (e.g. using above could include an iframe to another site, applets etc...) so once again SECURE IT! Change tables --> Div etc..

EDIT - I also can't be bothered correctly writing the HTML as I assumed you'd have your own site stylesheets etc...

DJMK4 · 30 Apr 2007 at 21:23

jdickerson said:
Nahhhhh.....

Have this on an admin page*:

Code:

<form method="POST" action="form.php" name="news"> <font face="Tahoma" size="2">new:</font> <br> <textarea name="c" style="width: 350px; height: 100px"></textarea> <br> <input type="submit" value="Add" name="submit"> </form> <br> <br> <font face="Tahoma" size="2">news:</font><br> <?php include("file.txt"); ?>

Create a file called form.php:

Code:

<?php $datfile = "file.txt"; $max = 250; $num = 1000; $todayis = date("l, F j, Y, g:i a"); $comfile = file($datfile); if ($c != "") { if (strlen($c) < $max) { $fd = fopen ($datfile, "w"); $c = stripslashes($c); fwrite ($fd, "<p><table><tr><td>$todayis</td></tr><tr><td>$c</td></tr></table></p>\n"); for ($i = 0; $i < $num; $i++) { fwrite ($fd, $comfile[$i]); } } fclose($fd); } Header("Location: ADMIN PAGE URL"); ?>

Create a file called file.txt, chmod it to give writing permissions and then just call the file with:

Code:

<?php include("file.txt"); ?>

...where you want the 'news' to go. The html in the text will be read and treated as such.

* SECURE it! You'll want to prevent using most symbols I imagine using str replace (e.g. using above could include an iframe to another site, applets etc...) so once again SECURE IT! Change tables --> Div etc..

EDIT - I also can't be bothered correctly writing the HTML as I assumed you'd have your own site stylesheets etc...

Yep i have my own style sheet etc. Im going to have ago at both ways to see which gives best results, i have already found a tutorial on the web and mocked up my own version of the php/sql one but im yet to test it and iron out the bugs.

With this txt file one. just a few questions for you...

1) Could you explain abit more when you mean "Secure it" im abit confuzzled?

2) "Create a file called file.txt, chmod it to give writing permissions" - Whats chmod, iv never run into this phrase before?

meghatronic · 30 Apr 2007 at 22:37

Sql is the better way.

[Sniper][Wolf] said:
1) Could you explain abit more when you mean "Secure it" im abit confuzzled?

well, you'd need to primarily secure the admin file, so putting it in a passworded directory, .htaccess, simple md5 password etc... Secondly, you'd need to ensure that NO html characters can be written to the file. e.g. off the www:

Possible Fixes or Improvements
Escape HTML appropriately either before you save it or before you display it. You can use PHP's built-in functions htmlspecialchars or htmlentities for this purpose.

If you want untrusted users to use HTML for formatting, you should perform validation to restrict the available HTML tags to a basic tags set, like <b> and <i>.

[Sniper][Wolf] said:
2) "Create a file called file.txt, chmod it to give writing permissions" - Whats chmod, iv never run into this phrase before?

Chmod is a file system permissions thing. You need to chmod the file using an ftp program or your control panel file manager. 777 off the top of my head. This lets php 'write' to the file.