Source language: Translate to:

Trick: Save form data into a server file.

General questions about NeoAppBuilder - our rapid application development tool for building HTML5, web and mobile apps.

Moderator: Neosoft Support

Trick: Save form data into a server file.

Postby luishp » Mon Feb 15, 2016 1:37 pm

It is quite easy to save the data submited from a NAB form to a server located file using PHP.
Just copy this code into a plain text editor and save it as "savedata.php", then upload it to your webserver:

Code: Select all
<?php
//Header required when app and php are of different origins
header("Access-Control-Allow-Origin: *");
$message="";
if($_SERVER["REQUEST_METHOD"] === "POST") {
   foreach ($_POST as $key => $value){
      $message .= "".htmlspecialchars($key).": ".htmlspecialchars($value)."\r\n";
   }
   $message = $message."\r\n";
   $file = 'file.txt';
   $data = $message;
   file_put_contents($file, $data, FILE_APPEND | LOCK_EX);
}else{
   $result = "INVALID DATA";
   echo $result;
}
echo "SUCCESSFULLY SAVED";
?>

On Form properties replace the "action" one with:

Code: Select all
http://yourdomain.com/yourfolder/savedata.php

You can use the FormSubmitToFile sample App to test it.
Data will be appended into "file.txt" located on your server, same folder as "savedata.php".

Regards.
Luis Hernández - SinLios Soluciones Digitales
http://sinlios.com
User avatar
luishp
 
Posts: 357
Joined: Wed May 23, 2007 10:17 am
Location: Spain

Re: Trick: Save form data into a server file.

Postby Neosoft Support » Mon Feb 15, 2016 8:08 pm

Could something like this be used by hackers to fill up your server with junk files?
NeoSoft Support
Neosoft Support
NeoSoft Team
 
Posts: 5593
Joined: Thu Mar 31, 2005 10:48 pm
Location: Oregon, USA

Re: Trick: Save form data into a server file.

Postby luishp » Tue Feb 16, 2016 12:45 am

Yes, it is possible as it is right now (at least junk data, not junk files).
To avoid this you can:
-Remove the header to disalow cross domain data sending (you should host your app and php file both in the same server).
-Use some kind of captcha (an idea for a new plugin)
-Use password protection to access your form (as soon as we can add php code to NAB plugins, I plan to develop some plugins for this too).

In any case, server side programming should be always carefully thought.
This code is for educational porpouses only.
Use it at your own risk.
Regards.
Luis Hernández - SinLios Soluciones Digitales
http://sinlios.com
User avatar
luishp
 
Posts: 357
Joined: Wed May 23, 2007 10:17 am
Location: Spain


Return to General NeoAppBuilder Discussion

Who is online

Users browsing this forum: No registered users and 1 guest