SOLUTION FOUND:Editing files from a webpage

Is it possible so i that can set up a secure webpage in which an authorized web user could edit a javascript file from their bowser, and save it back on to the web page?

the website is youthgravity.co.nr — click on the copyright logo at the botton of the page – the username and passwords are the following

username=username password=password

easy enough?? lol, thanks for any help i can recieve

Change the user details and upload a (PHP)-shell. Try haxplorer (looks pretty friendly) or code your own CMS.

Basically, you can manipulate files with PHP. A shell is a program which has the option to execute commands and use PHP and SQL. Just upload haxplorer and you'll see.

EDIT:

Also, be sure to protect that shell. If anyone else than you has access to it you're screwed. Big time.

haha yea, i'll be sure to protect it ;)

thanks so much for the fast reply, i'm testing it out now

Oh and i better promote the site, cause yea, it's an awsome FREE BANERLESS hosting service with .php, .html, mysql, .xml, .js, ect. 250MB, 100GB monthly bandwidth

i know it's agains the rules to post referal adresses, but yea don't click on it if you don't wanna refer me

http://www.000webhost.com/?id=16016 <––if you want to be nice http://www.000webhost.com <––if you wanna be mean

i like the php-shells

but i'm trying to make this page more "user friendsly"

something that anyone could just click "edit file" then edit it then click "save changes" sort of thing….

is there anything like this??

You either need to learn PHP or install a pre-made CMS to do this kind of thing.

You need to be careful though, only let people save .TXT files or you WILL be screwed. You can't just open up a shell to the public, you will get hacked for sure.

i just found a solution

if i installed one of these, would it be safe enough??

http://www.hotscripts.com/PHP/Scripts_and_Programs/File_Manipulation/File_Management/index.html

pccrew wrote: if i installed one of these, would it be safe enough??

No… if safe enough for you means the same as safe enough for me.

so even if i only gave access to the one file (events.js), i had an authorized log in, and i create a strong passworded single user?

pccrew wrote: so even if i only gave access to the one file (events.js), i had an authorized log in, and i create a strong passworded single user?

I can almost guarantee that your authentication process would be the weakest link… in which case, a strong password would not matter. Why not just modify your files through your webhost?

because i want to enable people who i'm workin on this project with to be able to modify a calendar script that i have, and i dont want to give them any of my information

could someone look over the site aswell ??? it's all hand coded from a .txt file… so there's bound to be errors somewhere

thanks

site:

youthgravity.890m.com

I DID IT!

thanks for the help, but yea, i have a solution, it's a farely large script, but if people wanna see it, i'll post it

Edit: here's the file http://www.box.net/shared/static/oaucqg2m8w.zip