Hi Jan,

To prevent closing, you need to tell the form that this is not wanted:

<form action="post.php" method="post" target="hidden-form">

<span>title:<input type="text" name="title" value=<<currentTiddler>>></span><br/>
Created: <input type="text" name="created"><br/>
Info1 wanted from user: <textarea name="info1"></textarea><br/>
Body: <textarea name="body"></textarea><br/>
<input type="submit" value="Hochladen">

</form>
<iframe style="display:none" name="hidden-form"></iframe>


Please note the target attribute in the form's opening tag
and the iframe at the end.

To your question whether it is possible to insert PHP code through this input:

Yes, someone can input PHP code, but this code is not executed.
As long as you only do string operations with the user input, I see no way 
for any PHP code to be executed.

Only when you include the TiddlyWiki file in your PHP script with an include 
statement is it possible that such code gets executed.

That's all from me
QuaraMan

On Thursday, 19 April 2018 22:47:08 UTC+2, Jan wrote:
>
> Hi Quaraman,
> thanks, I tried out the code, (http://szenio.de/Kommentare/#Version%20Q)
> Your approach is to rebuild the .tid-file.
> I would like to extract it by means of the template because I also want to 
> have various fields in different use cases (geo-tagging, image and 
> video URLs etc.)
> Therefore I would like to use the template which exports tid-files 
> {{$(storyTiddler)$||$:/core/templates/tid-tiddler}} .
>
> Do you have any ideas for preventing the Wiki from closing when pressing 
> submit and showing the message in a modal instead?
>
> Jan
>
> On 18.04.2018 at 12:18, [email protected] wrote:
>
> Hi Jan,
>
> The best I would do is to separate the fields into different questions to 
> the user:
>
> 1.
>
> <form action="post.php" method="post">
>
> <span>title:<input type="text" name="title" value=<<currentTiddler>>></span><br/>
> Created: <input type="text" name="created"><br/>
> Info1 wanted from user: <textarea name="info1"></textarea><br/>
> Body: <textarea name="body"></textarea><br/>
> <input type="submit" value="Hochladen">
>
> </form>
>
> 2. The post.php 
>
> <?php
> $title = $_POST['title'];
> $created = $_POST['created'];
> $info1 = $_POST['info1'];
> $body = $_POST['body'];
>
> // this uses a PHP heredoc, as explained here: http://php.net/manual/en/language.types.string.php
> $content= <<<EOD
> title: $title
> created: $created
>
> ! Info1 answer from user
>
> $info1
>
> $body
> EOD;
>
> $postfile = fopen('post/'.$title.'.tid', "w") or die("Unable to open file!");
> fwrite($postfile, $content);
> fclose($postfile);
> ?>
>
> That should do the trick.
>
> The time and day the user sent the data can also be calculated, in PHP / 
> TiddlyWiki:
>
> PHP: look at http://php.net/manual/en/function.date.php
> TiddlyWiki: look at https://tiddlywiki.com/#now%20Macro
>
> QuaraMan
>
> On Wednesday, 18 April 2018 01:42:38 UTC+2, Jan wrote: 
>>
>> Hello and thanks Quaraman,
>> how can I get the missing characters (is it /n) into the file if the 
>> form? 
>> I guess it is the wikification that causes the trouble but without 
>> nothing gets inserted at all...
>>
>> Jan
>>
>>
>>
>>
>> On 18.04.2018 at 00:38, [email protected] wrote:
>>
>> Hello Jan,
>>
>> the .tid file format is as follows (between the - lines):
>>
>> ----------------------------------------------------
>> field1: value of field1
>> field2: value of field2
>>
>> content of tiddler
>> -----------------------------------------------------
>>
>> so your file is only one line long.
>> the import process can also not finish, because it sees a tiddler with 
>> one field.
>>
>> hope that helps.
>> quaraman
>>
>> On Tuesday, 17 April 2018 23:57:20 UTC+2, Jan wrote: 
>>>
>>> Hello, 
>>> I have been seeking for a method to allow students to post contributions 
>>> in the form that I easily can import as a Tiddler. 
>>> Now finally I built a very basic mechanism to post a Tiddler to a 
>>> directory called post as a tid. 
>>>
>>> It consists of two parts 
>>>
>>> 1. The Upload-button (which is transcluded by a viewTemplate) 
>>> \define ExportTid() {{$(storyTiddler)$||$:/core/templates/tid-tiddler}} 
>>>
>>> <$wikify name="ExTid"  text=<<ExportTid>> > 
>>> <form action="post.php" method="post"> 
>>> <span>title:<input type="text" name="title" value=<<storyTiddler>>></span><br> 
>>> <span>tiddler:<input type="text" name="content" value=<<ExTid>> ></span><br> 
>>> <input type="submit" value="Hochladen"> 
>>> </form> 
>>> </$wikify> 
>>>
>>>
>>> 2. The post.php 
>>> <?php 
>>> $title = $_POST['title']; 
>>> $content = $_POST['content']; 
>>> $postfile = fopen('post/'.$title.'.tid', "w") or die("Unable to open file!"); 
>>> fwrite($postfile, $content); 
>>> fclose($postfile); 
>>> ?> 
>>>
>>> So far it generates a Tid which looks exactly like an exported 
>>> .Tid-file but appears to be empty when importing it to TW. 
>>> And it closes the wiki. 
>>>
>>> So there is still quite a bunch of questions to be solved: 
>>>
>>> 1. What is wrong with my .tid file? 
>>> 2. How do I avoid the TW form being closed when calling the php? 
>>> 3. Is there a way to trigger a TW-action with the same click that 
>>> submits the form? 
>>> 4. (a PHP question) How can I avoid being pwned by someone inducing a 
>>> php through this mechanism? 
>>> I hope you can help me solving these things... 
>>>
>>> Jan 
>>>
>>>
>>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "TiddlyWiki" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to [email protected].
>> To post to this group, send email to [email protected].
>> Visit this group at https://groups.google.com/group/tiddlywiki.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/tiddlywiki/eb85c7c5-c36d-4e3d-9429-bb152c31b533%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/tiddlywiki/eb85c7c5-c36d-4e3d-9429-bb152c31b533%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>>
>
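
A hardened variant of the quoted post.php, added here as an example and not code from the thread. The quoted script uses the submitted title as a file name and copies the fields into the .tid header unchanged; this version accepts only titles that cannot leave the post/ directory, keeps each header field on one line, and refuses to overwrite an existing post. The helper names, the 100-character title limit and the post/ location are assumptions.

```php
<?php
// Added example, not code from the thread. Helper names, the 100-character
// title limit and the post/ directory beside this script are assumptions.
// Return a file name for the submitted title, or null if the title is unusable.
function safe_tid_filename(string $title): ?string {
    // Letters, digits, space, dot, underscore and hyphen only, starting with a
    // letter or digit. "/" and "\" never match, so the name stays inside post/.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9 ._-]{0,99}\z/', $title)) {
        return null;
    }
    return $title . '.tid';
}

// A .tid header field is one line; a line break inside a value would let the
// sender add further fields or end the header early.
function single_line(string $value): string {
    return trim(str_replace(["\r", "\n"], ' ', $value));
}

// Header fields, one blank line, then the tiddler text.
function build_tid(string $title, string $created, string $info1, string $body): string {
    return 'title: ' . single_line($title) . "\n"
         . 'created: ' . single_line($created) . "\n\n"
         . "! Info1 answer from user\n\n" . $info1 . "\n\n" . $body . "\n";
}

// Read one POST field as a string; arrays and missing fields become ''.
function post_field(string $name): string {
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $title = post_field('title');
    $name = safe_tid_filename($title);
    if ($name === null) {
        http_response_code(400);
        exit('Invalid title');
    }
    $content = build_tid($title, post_field('created'), post_field('info1'), post_field('body'));
    // Mode 'x' fails when the file exists, so one post cannot overwrite another.
    $fh = @fopen(__DIR__ . '/post/' . $name, 'x');
    if ($fh === false) {
        http_response_code(409);
        exit('Post already exists or cannot be written');
    }
    fwrite($fh, $content);
    fclose($fh);
}
```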
