2

I am using the php to generate some html codes

It is in the now ,

<textarea>
<html>
....
</html>
</textarea>

what i would like to do is create a button 'save as html'

When i press on it, it has a windows save as dialog, allow user choose the place to store,

then save to that place when confirm (the dialog should not be create by me, using the windows one.)

Is the workflow is : first i saved a temp html file in my server, then the user open dialog, (I do not need to worry about the 'saving to part' , just need to specific the temp html file path), and when the user close, i delete the temp file. So , how can it be realize? thanks

Thank you again.

Improve this question
1

3 Answers 3

Reset to default
4

You cannot just put an <html> tag into a <textarea> tag, it does not work that way.

I would suggest you use a premade solution such as TinyMCE which will take care of most things for you. Also use something like HTML Purifier to sanitize user input before you save it, as someone could save a malicious script.

The TinyMCE websites has lots of example on how to use it.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I am currently using ckeditor, it is similar thing i belive, are there any save as function provide by them? Thanks
@user782104: I never used ckeditor, but it looks like it would be possible. See for instance: sargelog.blogspot.com/2010/04/… or stackoverflow.com/questions/7777110/… (and I haven't googled it a lot...)
2

PHP is on the server-side don't forget. Once the page is generated, it is on the client. I think it makes more sense to do this sort of thing with javascript, although you could also post the data to a PHP page which would then obtain the data.

Send the 'input' data to a PHP page by POST method:

<form action="savedata.php">
     <input id="someElement" name="someElementName" type="textarea" />
     <input type="submit" />
</form>

Receive it on the PHP end:

# savedata.php

$inputdata = $_POST["someElementName"];
$filename = "somefile.html";
file_put_contents($filename, $inputdata);

Then you could have a link in PHP to download the file.

echo "<a href='".$filename."'>Right-click, Save Target As...</a>";

After that you can delete the file from your server like this:

unlink($filename);

To open a save file dialog - redirect to the file, your browser should open up a save file dialog:

header('Content-type: text/plain'); 
header('Content-disposition: attachment; filename="$filename"');

To view a preview of the file, make an iframe:

echo "<iframe src='$filename' width=600 height=200 frameborder=0 />";
Improve this answer

3 Comments

Thx, afterall how can i "save as"?
the part where it says header('Content-disposition: attachment; filename="$filename"'); is responsible for that
@user782104 yes, because the file is on your server - just throw it into an iframe. Updated answer with example.
2

You can do that using php header function, like this (assuming your html is posted to this page:

<?php

header('Content-Disposition: attachment; filename="filename.html"');
echo $_POST['html'];
?>

set this php page to be the target of that form and i guess you will be done

EDIT: but you should watch out for possible XSS attacks like Damien Pirsy noted in the comment, you always can sanitize the input though, strip things that are not needed like scripts.

Improve this answer

7 Comments

This would be a paradise for XSS attackers, though. Let them create arbitrary html files on your server...well, smells
you're right, but one can utilize it and sanitize it the way they want, like strip scripts and everything
Well, that would be a nice integration to your answer
@AL-Kateb how would you go about that when he's trying to generate a HTML page?
the question was specific and so was the answer, he has a text area that will have html code, he posted that html code, it got sanitized and sent to the user-agent this would still save the html file just fine, the whole point behind the answer was to point out how to have a save as dialogue as you're asking about that, just be pay attention to the scripts and all
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.