0

How do I set this up such that when a user enters his first name and last name, I write it to a .html file and then give the user a link to view the information that they have just entered?

I know I could just echo that out like I am already doing with $_POST['userfName'] after Welcome, but I just want to write to some .html file and echo this information back to the user to view(see).

{ 
        $_SESSION['userEmail'] = $_POST['userEmail']; 
        $_SESSION['start'] = time(); 
        echo "Welcome, " . $_POST['userfName'] .  $_POST['userlName'] .". A new session has been activated for you. Click <a href="sometextfile.html">here</a> to see your information.";
        echo "<br>Your session id is: ".session_id(); 
    }
Improve this question

3 Answers 3

Reset to default
2

You want to actually generate a new HTML file for each user that logs in? That kind of defies the point of server-side scripting.

In fact, it's a bad idea security-wise to let your scripts have write access to your web server root.

What you'd want to do is link to "sometextfile.php?sessid=" or use a cookie containing their session ID, then generate that page dynamically.

If you just want to write a text file to disk somewhere, you can create a string then use file_put_contents (http://php.net/file_put_contents). This could be put in the web root, but I'm guessing that's not actually what you're trying to do.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

The session is propagated automatically in a cookie in php. but otherwise good answer. +1
sometextfile.php?sessid=, Could you please elaborate on this secure idea, thank you.
Never mind, I just figured out what you were talking about, thanks.
1

Like this. 

 $message = ...;
 file_put_contents(dirname(__FILE__)."\message.html", $message);
 echo "<a href=message.html>Your message</a>

BUT your web server might now have permissions to write to the web directory. And it opens you up for all kind of badness. Imagine if a user wrote a php script in the message (<? echo phpinfo()?> for example) . now your server is compromised. You need to validate and clean your input if you do this.

EDit Nick is right, using the method i suggested will cause your users to overwrite each others messages. I wouldn't recomend doing this. Follow Nicks suggestion of sending the user to a dynamically generated page.

Improve this answer

Comments

0

It sounds like you're stumbling into the need for a database! Congratulations!

Since you're using PHP, the easiest/cheapest route is to either install or get access to a MySQL server.

Then you can create a table storing your user's names, and give them a URL to access a dynamic page with their information on it, and you're on you're way to a promising career. For help with the MySQL, check out this tutorial.

Eventually you'll probably want to jump into a framework like Code Igniter, CakePHP or Symfony (to name a few) to start doing all this dirty work for you so you can concentrate on the fancy stuff.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.