我只想替换名为" config.php"的文件中的一些内容。这是我要编辑的文件部分。我想使用表单来设置大写文本的值。我被卡住了,我看着StackOverflow和谷歌。我找不到任何东西。
$dbhost = "DBHOST"; /* "localhost" */
$dbuname = "DBUSERNAME"; /* "database user name" */
$dbpass = "DBPASSWORD"; /* "database password" */
$dbname = "DBNAME"; /* "database name" */
此外,表格应如何查找?
我有这个..
<form action="edit.php">
DB Server: <input type="text" name="host" placeholder="localhost"><br>
DB Username: <input type="text" name="dbuser" placeholder="admin"><br>
DB Password: <input type="password" name="dbpassword" placeholder="********"><br>
DB Name: <input type="text" name="db_name" placeholder="pnc"><br>
<button type="submit">Next Step</button>
</form>
答案 0 :(得分:3)
说你有这个文件:
<强> /home/websites/example.com/conf.php
<?php
$dbhost = "DBHOST"; /* "localhost" */
$dbuname = "DBUSERNAME"; /* "database user name" */
$dbpass = "DBPASSWORD"; /* "database password" */
$dbname = "DBNAME";
要替换这些占位符值,您只需要在变量中获取页面源并执行一些字符串替换,然后将其写回文件。
$confpath = '/home/websites/example.com/conf.php';
$confphp = file_get_contents($confphp);
// Note the POST values need to be CLEANED and validated first.
// This especially means whitelisting what characters are allowed
// in the POST-received variables, encoding and removing " and '.
// You have to be VERY careful to authentic the user, and verify
// that user has permissions to do what they're doing, with the
// databases/tables they're working with, unless this is part of
// an install script, which would need to be removed immediately
// upon finishing the install.
$confphp = str_replace(
array('DBHOST','DBUSERNAME','DBPASSWORD','DBNAME'),
array(
addslashes($post_cleaned_dbhost),
addslashes($post_cleaned_dbusername),
addslashes($post_cleaned_dbpassword),
addslashes($post_cleaned_db_name)
),
$confphp
);
file_put_contents($confpath, $confphp);
请注意,您要替换的值必须对文件的文本内容是唯一的(例如,同一文件中没有$DBUSERNAME),否则它将替换这些值同样。如果未写入文件,则返回false,因此您可以测试file_put_contents()的返回以验证其是否有效。
答案 1 :(得分:2)
您是否要创建一个表单,该表单将接受用户输入并更改文件中的行?我不建议直接从表单设置数据库连接。但如果有必要尝试使用普通格式存储数据,如JSON
$data = json_decode(file_get_contents($dataFileName));
写
file_put_contents(json_encode($data, $dataFileName));
供参考检查http://www.php.net//manual/en/book.json.php
如果文件采用典型的数据格式,则会清楚地显示您的文件。您可以将此database.json命名为
创建一个名为database.json的文件,其中包含以下内容:
{
"username": "...",
"password": "...",
"database": "...",
"host": "..."
}
然后,要阅读此数据,您可以使用
$data = json_decode(file_get_contents('database.json'));
$data['username'] = $newValue;
$username = $data['username'];
设置新值
file_put_contents(json_encode('database.json', $data));
从用户提交的数据连接到数据库时存在问题,例如切换到其他数据库并在页面中显示可用于XSS的恶意数据http://en.wikipedia.org/wiki/Cross-site_scripting
答案 2 :(得分:2)
制作带控制器的表格
HTML格式的代码
<form name="dbSet" id="dbSet" action="form_set_db.php" method="POST" />
<label>Host</label> <input type="text" name="host" id="host" /><br />
<label>Username</label> <input type="text" name="username" id="username" /><br />
<label>Password</label> <input type="password" name="password" id="password" /><br />
<label>Database</label> <input type="database" name="database" id="database" />
</form>
<强> form_set_db.php
require_once 'config.php';
if(isset($_POST["host"], $_POST["username"], $_POST["password"], $_POST["database"]))
{
$dbhost = $_POST["host"];
$dbuname = $_POST["username"];
$dbpass = $_POST["password"];
$dbname = $_POST["database"];
}
这会将$dbhost $dbuname $dbpass $dbname的值替换为您在表单中输入的值。
修改
请注意,这只会暂时替换它。如果你想要一个永久存储的配置文件(例如,如果你正在构建一个安装程序),我会动态创建config.php文件,而不是从头开始创建它。然后你会在form_set_db.php
if(isset($_POST["host"], $_POST["username"], $_POST["password"], $_POST["database"]))
{
$file = fopen("config.php", "w");
if(!is_resource($file)) { return false; }
fwrite($file, "$dbhost = '" . $_POST["host"] . "';\n");
fwrite($file, "$dbuname = '" . $_POST["username"] . "';\n");
fwrite($file, "$dbpass = '" . $_POST["password"] . "';\n");
fwrite($file, "$dbname = '" . $_POST["database"] . "';");
fclose($file);
}