Change "send-to-email" into "save-as-file"

Beginners - Learning PHP
#1

The following php file works successfully to send a form’s contents in an email.
<?php
// generate the UID
$bytes = random_bytes(8);
$pnc_uid = (bin2hex($bytes));
// replace 6 lowercases for uppercases, just to make the string look more interesting!!
$pnc_uid = str_replace(‘f’,‘F’, $pnc_uid);
$pnc_uid = str_replace(‘a’,‘A’, $pnc_uid);
$pnc_uid = str_replace(‘i’,‘J’, $pnc_uid);
$pnc_uid = str_replace(‘o’,‘X’, $pnc_uid);
$pnc_uid = str_replace(‘t’,‘T’, $pnc_uid);
$pnc_uid = str_replace(‘z’,‘Z’, $pnc_uid);
?>

<?
// convert Year to single uppercase letter, excluding I, O  - runs out in 2044!!
$dateY = date("Y"); $dateY = str_replace('2021','A', $dateY);$dateY = str_replace('2022','B', $dateY);$dateY = str_replace('2023','C', $dateY);$dateY = str_replace('2024','D', $dateY);$dateY = str_replace('2025','E', $dateY);$dateY = str_replace('2026','F', $dateY);$dateY = str_replace('2027','G', $dateY);$dateY = str_replace('2028','H', $dateY);$dateY = str_replace('2029','J', $dateY);$dateY = str_replace('2030','k', $dateY);$dateY = str_replace('2031','L', $dateY);$dateY = str_replace('2032','M', $dateY);$dateY = str_replace('2033','N', $dateY);$dateY = str_replace('2034','P', $dateY);$dateY = str_replace('2035','Q', $dateY);$dateY = str_replace('2036','R', $dateY);$dateY = str_replace('2037','S', $dateY);$dateY = str_replace('2038','T', $dateY);$dateY = str_replace('2039','U', $dateY);$dateY = str_replace('2040','V', $dateY);$dateY = str_replace('2041','W', $dateY);$dateY = str_replace('2042','X', $dateY);$dateY = str_replace('2043','Y', $dateY);$dateY = str_replace('2044','Z', $dateY);
// convert Month to single lowercase letter, excluding i, o
$dateM = date("m"); $dateM = str_replace('01','a', $dateM);$dateM = str_replace('02','b', $dateM);$dateM = str_replace('03','c', $dateM);$dateM = str_replace('04','d', $dateM);$dateM = str_replace('05','e', $dateM);$dateM = str_replace('06','f', $dateM);$dateM = str_replace('07','g', $dateM);$dateM = str_replace('08','h', $dateM);$dateM = str_replace('09','w', $dateM);$dateM = str_replace('10','x', $dateM);$dateM = str_replace('11','y', $dateM);$dateM = str_replace('12','z', $dateM);
// convert Day Number to one or two lowercase letters, excluding i, o
$dated = date("d"); $dated = str_replace('01','a', $dated);$dated = str_replace('02','b', $dated);$dated = str_replace('03','c', $dated);$dated = str_replace('04','d', $dated);$dated = str_replace('05','e', $dated);$dated = str_replace('06','f', $dated);$dated = str_replace('07','g', $dated);$dated = str_replace('08','h', $dated);$dated = str_replace('09','j', $dated);$dated = str_replace('10','k', $dated);$dated = str_replace('11','m', $dated);$dated = str_replace('12','m', $dated);$dated = str_replace('13','p', $dated);$dated = str_replace('14','q', $dated);$dated = str_replace('15','r', $dated);$dated = str_replace('16','s', $dated);$dated = str_replace('17','t', $dated);$dated = str_replace('18','u', $dated);$dated = str_replace('19','v', $dated);$dated = str_replace('20','w', $dated);$dated = str_replace('21','x', $dated);$dated = str_replace('22','y', $dated);$dated = str_replace('23','z', $dated);$dated = str_replace('24','aa', $dated);$dated = str_replace('25','bb', $dated);$dated = str_replace('26','cc', $dated);$dated = str_replace('27','dd', $dated);$dated = str_replace('28','ee', $dated);$dated = str_replace('29','ff', $dated);$dated = str_replace('30','gg', $dated);$dated = str_replace('31','hh', $dated);
// convert Hour to single uppercase letter, excluding i, o
$dateH = date("h");$dateH = str_replace('01','A', $dateH);$dateH = str_replace('02','B', $dateH);$dateH = str_replace('03','C', $dateH);$dateH = str_replace('04','D', $dateH);$dateH = str_replace('05','E', $dateH);$dateH = str_replace('06','F', $dateH);$dateH = str_replace('07','G', $dateH);$dateH = str_replace('08','H', $dateH);$dateH = str_replace('10','J', $dateH);$dateH = str_replace('11','K', $dateH);$dateH = str_replace('12','L', $dateH);$dateH = str_replace('13','M', $dateH);$dateH = str_replace('14','N', $dateH);$dateH = str_replace('15','P', $dateH);$dateH = str_replace('16','Q', $dateH);$dateH = str_replace('17','R', $dateH);$dateH = str_replace('19','S', $dateH);$dateH = str_replace('20','T', $dateH);$dateH = str_replace('21','U', $dateH);$dateH = str_replace('22','V', $dateH);$dateH = str_replace('23','W', $dateH);$dateH = str_replace('24','X', $dateH);
// Minutes and Seconds are unconverted
?>

<?php
$pnc_SUBJECT = $dateY . $dateM . $dated . $dateH . date(is) . "-" . $pnc_uid;
$pnc_FILENAME = $dateY . $dateM . $dated . $dateH . date(is) . "_" . $pnc_uid . ".php";
$pnc_FILEPATH = "/a/";
?>

<?php
if(!isset($_POST['submit']))
{
	//This page should not be accessed directly. Need to submit the form.
	echo "error; you need to submit the form!\n";
}
$title = $_POST['title'];
$subtitle = $_POST['subtitle'];
$body_text = $_POST['body_text'];

//Validate $variable not empty (COMMENTED OUT!!!)
//if(empty($variable)) 
//{
//    echo "$variable is REQUIRED!";
//    exit;
//}

if(IsInjected($visitor_email))
{
    echo "Bad email value!";
    exit;
}

$email_from = '[email protected]';//<== THIS IS the email address it will be sent to
$email_subject = " $pnc_SUBJECT";

$email_body =  "<div class='psf-title'> $title </div>\n\n";
$email_body .= "<div class='psf-subtitle'> $subtitle </div>\n\n";
$email_body .= "<div class='psf-body_text'> $body_text </div>\n\n";
   
$to = "[email protected]";//<== USE the SAME email address as _from
$headers = "From: $email_from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
//Send the email!
mail($to,$email_subject,$email_body,$headers);
//done. redirect to thank-you page.
header('Location: success.php');


// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}
   
?>

Can some kind person please edit this so that instead of sending an email it:
(1) saves $body_text as a text file
(2) in a file called $pnc_FILENAME
(3) in a folder pointed to by $pnc_FILEPATH

#2

https://www.php.net/manual/en/function.file-put-contents.php

https://www.w3schools.com/php/php_file_create.asp

#3

Interestingly, while waiting to hear, I added this code:
// Write $email_body to a file in FILEPATH
$myfile = fopen("$pnc_FILEPATH/a/$pnc_FILENAME", “w”) or die(“Unable to open file!”);
fwrite($myfile, “$email_body”);
fclose($myfile);
and found that it worked!
Any suggestions of weakness or alternatives re this code?
Thanks for your recommendations.

#4

Just be mindful that if the same values are present, it will overwrite the file.

Sponsor our Newsletter | Privacy Policy | Terms of Service