HiveBrain v1.2.0
Get Started
← Back to all entries
patternjavascriptMinor

Transferring large amounts of data in web editor

Submitted by: @import:stackexchange-codereview··
0
Viewed 0 times
transferringeditorlargeamountswebdata

Problem

I am making a web editor for fun and I was told that the way I was doing it (using PHP) would be a bad way. I also thought about it while I was making it, and in massive sums of data transfer it would be a bad idea to do it this way. I can't think of another way to do it and was looking for someone to help me improve it, by that I mean my save method I am using.

Editor:




Web Editor









File:
C:\hello.html














JS:

function save() {
var dir = document.getElementById("file").innerHTML;
var data = document.getElementById("editPad").innerHTML;
window.location = "save.php?dir=" + encodeURIComponent(dir) + "&data=" + encodeURIComponent(data);
}


PHP:

","","");
$replaceWith = array("", "", "", "","");
$newData = str_replace($lookFor,$replaceWith,$data);

$f = fopen(urldecode($dir),"w");
fwrite($f,urldecode($newData));
fclose($f);
?>


All of it is just a work in progress and I need more done. But for right now, is there a better way for me to save the file with massive sums of data being transferred?

Solution

-
I'd prefer a form with a textarea rather than a contenteditable element. Forms and text areas were built for that purpose.

-
As for your save code, GET requests should not do anything on the server. It should only do what it was called to do, and that is to get data. I suggest you do a POST or PUT instead by using a form, or via AJAX.

-
An advantage of AJAX compared to forms is that you won't leave your page. Similar to how you did it, you grab the data and send it to the server.

-
Your editor is risky since it can write to an arbitrary file on the server (or worse, on the system). With this code, I can modify this PHP file itself and make it do all kinds of stuff. I suggest you do some research on how you can restrict where and what you can modify.

-
You need a more robust approach in stripping HTML from the data than doing it manually. PHP has some built-in functions to do that for you, like strip_tags. There could be better solutions that I'm not aware of as well.

-
Massive data? How much data do you expect you put in anyway? I suggest polishing the implementation first before optimizing for other stuff, like data size and so on.

Context

StackExchange Code Review Q#26502, answer score: 2

Revisions (0)

No revisions yet.