Page 1 of 1

PHP Help Variables

Posted: Tue Aug 28, 2007 11:31 am
by IamTK
Weirdan | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Can someone tell me what's wrong with this code?

Code: Select all

$nhandle = fopen("upload/" . $_POST['docname'], a+");
$nstring = $_POST["uploaddoc"]; *Specifically, this line*
fwrite($nhandle, $nstring);
fclose($nhandle);
The error is

Parse error: syntax error, unexpected T_VARIABLE


Weirdan | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Tue Aug 28, 2007 11:44 am
by xpgeek
This code contain 2 syntax errors and 1 security error.

Posted: Tue Aug 28, 2007 1:16 pm
by IamTK
xpgeek wrote:This code contain 2 syntax errors and 1 security error.
can you tell me where?

and how to fix it?

Posted: Tue Aug 28, 2007 2:57 pm
by xpgeek
Do you learn php or do you use it in copy paste mode ? :wink:

Re: PHP Help Variables

Posted: Tue Aug 28, 2007 4:12 pm
by superdezign
IamTK wrote:$nhandle = fopen("upload/" . $_POST['docname'], a+");

[...]

Parse error: syntax error, unexpected T_VARIABLE
That line is the culprit. What is 'a' and why do you try to perform an addition operation on it and an empty string?

Posted: Tue Aug 28, 2007 6:41 pm
by Weirdan
What is 'a' and why do you try to perform an addition operation on it
read about fopen() modes

Re: PHP Help Variables

Posted: Tue Aug 28, 2007 9:18 pm
by IamTK
superdezign wrote:
IamTK wrote:$nhandle = fopen("upload/" . $_POST['docname'], a+");

[...]

Parse error: syntax error, unexpected T_VARIABLE
That line is the culprit. What is 'a' and why do you try to perform an addition operation on it and an empty string?
a+ moves the pointer to the last character and + makes it writable. It means, write the file at the last character. And yes, I do learn PHP myself.

Re: PHP Help Variables

Posted: Wed Aug 29, 2007 3:30 am
by Steve Mellor
IamTK wrote:

Code: Select all

$nhandle = fopen("upload/" . $_POST['docname'], a+");
$nstring = $_POST["uploaddoc"]; *Specifically, this line*
fwrite($nhandle, $nstring);
fclose($nhandle);
OK, since no one else seams to want to help. You said the problem is with the line:

Code: Select all

$nstring = $_POST["uploaddoc"];
Well it isn't. This often happens in PHP with error codes. It experiences an error on the line after a mistake in the code, usually where a string isn't closed or there's a missing semi-colon.

Well, in your fopen statement you've got:

Code: Select all

$_POST['docname'], a+");
The a+" should be "a+" which means PHP is treating the rest of your script as a string, until it reaches the next ".

Also, you've got two security errors in your script. Namely you're using POST variables directly in your script. Process the variables first, make sure the data that is getting processed is the data you want to be processed or you're likely to get 'spam'.