tags:

views:

54

answers:

3

Hi all,

fwrite($fh, <?php $fields = array("url", "shoutcast_url", "site_name", "site_subtitle", "email_suffix", "twitter_username", "skype_name", "phone_number"); 
                foreach ($fields as $field)
                    $$field = mysql_real_escape_string($_POST[$field]);

                mysql_query("UPDATE config SET url='{$url}', shoutcast_url='{$shoutcast_url}', site_name='{$site_name}', site_subtitle='{$site_subtitle}', email_suffix='{$email_suffix}', twitter_username='{$twitter_username}', skype_name='{$skype_name}', phone_number='{$phone_number}'")     
                or die(mysql_error()); ?>);

Is there an easier way to fwrite this? (I know that won't work, but obviously it's very time consuming to format it correctly)

Thanks!

A: 

You can't use PHP tag in PHP code...

You must use it in '' characters like a string.

Svisstack
You can, if you do this in a string :D`string = '<?php blabla; ?>` Of course that won't do anything, but saying, that you can't use them seems to be wrong :P
faileN
But then I have to escape it at all...surely there's an easier way?
Sam
A: 

I'm not sure what you want to do but if you just want to create some file with some content you may take a look at file_put_contents()

Kamil Szot
A: 

As Svisstack said, you should use '':

$code = '<?php
$fields = array("url", "shoutcast_url", "site_name", "site_subtitle", "email_suffix", "twitter_username", "skype_name", "phone_number");
foreach ($fields as $field) {
    $$field = mysql_real_escape_string($_POST[$field]);
}
mysql_query("UPDATE config SET url=\'{$url}\', shoutcast_url=\'{$shoutcast_url}\', site_name=\'{$site_name}\', site_subtitle=\'{$site_subtitle}\', email_suffix=\'{$email_suffix}\', twitter_username=\'{$twitter_username}\', skype_name=\'{$skype_name}\', phone_number=\'{$phone_number}\'") or die(mysql_error());
?>';
fwrite($fh, $code);
kgb