Understanding how to read and write to files on the server is only part of the data storage process. It's likely you will also want to use directories at the same time. A directory is the same thing you might think of as a folderit's a subsection of the hard drive which can store other files and directories. By default all your Web pages go within a specific directory (frequently called www or html ) and within this directory you can create more directories for storing images, data, and so forth.
The path will constitute the name and location of the directory while the permissions (in the form of a zero followed by three digits, such as 0666 ) will assign access rights to the directory.
Let's create a script that, when a new user logs in, creates a new directory for them.
-
First you'll create a simple registration page that takes a Username and password. Open your text editor and begin a new HTML document (Script 10.5).
Script 10.5. This is a very simple registration form, requiring only two fields. The form in your applications will most likely be more involved, but the processes will be the same.
<HTML><HEAD><TITLE>Registration Form</TITLE></HEAD><BODY>
-
Create a form whose ACTION attribute is HandleNewUser.php and whose METHOD is POST.
<FORM ACTION="HandleNewUser.php" METHOD=POST>
Since the form will take a password, be sure to use POST and not GET, as the latter is less secure.
-
Create two inputsone TEXT for the Username and one PASSWORD for the Password.
Username <INPUT TYPE=TEXT NAME= "Array[Username]" SIZE=15><BR> Password <INPUT TYPE=PASSWORD NAME= "Array[Password]" SIZE=15><BR>
Be sure to make the TYPE equal to PASSWORD for the Password field so that the entered text is not visible ( Figure 10.10 ).
Figure 10.10. This is the very basic registration form. The PASSWORD form INPUT TYPE hides the user entered information typed there.
-
Create a Submit button, then close the form and the HTML document.
<INPUT TYPE=SUBMIT NAME="SUBMIT" VALUE="Submit!"> </FORM></BODY></HTML>
-
Save the page as NewUser.html and upload it to your server.
Now you'll need to make a blank data file called users.txt and set the proper permissions for it, just as you did with data.txt.
-
Create a new, blank document in your text editor.
-
Save the document as users.txt and upload it to the server, in the same directory as NewUser.html.
-
Set the permissions of users.txt so that everyone can read to and write from it.
The third step is to make a directory into which PHP will create all the other directories.
-
Using your FTP or telnet application (or Web-based control panel provided by your ISP), create a new directory called users, within the same directory as NewUser.html and users.txt.
-
Set the permissions on the users directory so that everyone can read from, write to, and search through it.
Finally, you'll write the HandleNewUser.php script which will process the information from the form and create the new directory.
-
Open your text editor and create a new PHP document.
-
Begin by opening up the PHP and then write the first function (Script 10.6).
Script 10.6. Although I wrote it as two functions here, you could create a third function explicitly for the purposes of creating the directory. To do so you would need to separate out the mkdir() conditional from the WriteToFile() function.
<? function MakeDirectoryName ($Username) { srand ((double) microtime() * 1000000);srand(mktime()); $Name = rand() . $Username; return $Name; } // End of MakeDirectoryName Function.
The directory name will be made using the Username and a random number. The name is generated by seeding the srand() function with a timestamp and then randomly picking a number based upon that. The concatenation of this number to the $Username should insure a unique directory name every time, which is then returned by the function.
-
Copy the WriteToFile() function from Script 10.4 and slightly alter it:
function WriteToFile ($Username, $Password) { $TheFile = "users.txt"; $Open = fopen ($TheFile, "a"); if ($Open) { $Password = md5 ($Password);
One of the things you'll want to change here is the name of the text file (now users.txt). You'll also add a line encrypting the password before being stored (you generally always want to store an encrypted version for security reasons).
-
Create the directory name.
$Directory = "users/" . MakeDirectoryName ($Username);
The new directory's name is created by calling the MakeDirectoryName function and stating that the directory will be a sub-directory of users.
Figure .
-
Add the new data to the file.
fwrite ($Open, "$Username\t$Password} t$Directory\n"); fclose ($Open);
-
Attempt to create a directory and write a conditional to handle the success of the action.
if (!(mkdir ($Directory, "0777"))) { $Directory = FALSE; } } else { $Directory = FALSE; } return $Directory; } // End of WriteToFile Function.
The $Directory variable is assigned a value of the new directory name only if the file is successfully opened. If the file cannot be opened or if the directory cannot be made, $Directory is equal to FALSE, indicating that the function failed to perform its duties as requested , so this variable will be returned.
-
Close the PHP code area and create the HTML header.
?><HTML><HEAD><TITLE>Using Directories</TITLE><BODY>
-
Open a second PHP section and then create the main conditional.
<?php if (($Array[Username]) && ($Array[Password])) { $Check = WriteToFile ($Array[Username], $Array[Password]); if ($Check) { print ("Your request was successfully processed! <BR>\n"); } else { print ("Your request was not processed due to a system error!<BR>\n"); } } else { print ("Please enter a Username and Password!\n"); }
This part should be straightforward to you by now. There is a check to see if both form fields were filled in and, if so, it proceeds to write the data to the file and create the new directory. An appropriate message is sent based upon the returned value from the function.
-
Close this last PHP section and the HTML page itself.
?></BODY></HTML>
-
Save the page as HandleNewUser.php, upload it to the server (in the same location as the users directory, the users.txt file, and the NewUser.html page), and test it in your Web browser (Figures 10.11 and 10.12).
Figure 10.11. If everything worked according to design, the only message the user will see is this one.
Figure 10.12. The users.txt file lists three tab-delineated fields of information: the username, an encrypted version of the password, and the user's directory name.
At some point, although not for the purposes here, you may want to create a system to guarantee unique usernames. The process for doing so is simple enough: before attempting to create the directory, use PHP to check your list of existing usernames for a match to the just-registered name. If no match is found, the new name is acceptable. If the username is already in use, the PHP can create an error message requesting a new username.