///////////index//////////// <?php // Catch form subm


///////////index//////////// <?php // Catch form submit if( $_SERVER['REQUEST_METHOD'] == 'POST' ) { // Validate and clean POST keys foreach( $_POST as $key => $data ) { $$key = trim(stripslashes(strip_tags($data))); } // Build filename './pages/'.$name.'.'.$ext = $name.'.'.$ext; // Check if file exists and if overwriting is allowed if( file_exists('./pages/'.$name.'.'.$ext) && !isset($overwrite) ) { echo 'File "','./pages/'.$name.'.'.$ext,'" already exists - overwrite not allowed.'; } else { // Build title tag $title_tag = (empty($title)) ? 'Untitled Page{E_TITLE}' : $title.'{E_TITLE}'; // Write to file if( !file_put_contents('./pages/'.$name.'.'.$ext,$title_tag.$content) ) { echo 'Error writing to file.'; } else { echo 'File written successfully.'; } } } ?> <body bgcolor="#9bbb59"> <?php include_once 'top.html'; ?> <form action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post"> <p> <label for="name">Filename</label><input type="text" name="name" id="name" size="20" /> . <select name="ext"> <option value="html">html</option> <option value="php">php</option> <option value="txt">text</option> </select> <input type="checkbox" name="overwrite" value="true" /> Overwrite if file exists? </p> <p> <label for="title">Page Title</label><input type="text" name="title" id="title" size="45" /> </p> <p> <label for="content">Content</label><textarea name="content" id="content" rows="6" cols="40"></textarea> </p> <p> <input type="submit" value="Save File" /> </p> </form> <hr /> </body> <?php $requested_page = trim(stripslashes(strip_tags($_GET['page']))); /** * To prevent people from exploiting the site, * we'll check the requested page against known * good files. / $pages = array( 'home' => 'home.html', 'about' => 'about.txt', 'contact' => 'contact.php' ); // Check page if( !array_key_exists($requested_page,$pages) ) { // Default to home $requested_page = 'home'; } // Get page $page = file_get_contents($pages[$requested_page]); list($title,$content) = explode('{E_TITLE}',$page); ?> ///////////////scripts///////////////////// <?php // First we need to get the requested page $requested_page = trim(stripslashes(strip_tags($_GET['page']))); // Now we'll build an array of pages that are in our pages directory $pages = array(); // Empty array $page_dir = opendir('./pages/'); // Loop through the pages directory while( $page = readdir($page_dir) ) { // We need to make sure the current file is not a parent or the current directory if( $page != '.' && $page != '..' ) { // Add page to array $pages[] = $page; } } // Clean up closedir($page_dir); /* * We now have an array with all valid pages; * check requested page against this */ if( !in_array($requested_page,$pages) ) { // Default to home page $requested_page = 'home'; } // Now we grab the page content (remember, we still need to parse the title) $page = file_get_contents('./pages/'.$requested_page.'.php'); // Parse the page to get title and contents list($title,$content) = explode('{E_TITLE}',$page); // Now we simply build the page $header = file_get_contents('./pages/header.html'); // Replace {TITLE} with the page title and output $header = str_replace('{TITLE}',$title,$header); echo $header; // Include the top.html file you have include('./pages/top.html'); // Echo the content echo $content; // And finally the footer include('./pages/footer.php'); ?>